diff options
author | green <green@FreeBSD.org> | 1999-09-03 18:18:46 +0000 |
---|---|---|
committer | green <green@FreeBSD.org> | 1999-09-03 18:18:46 +0000 |
commit | 6ea78090c5694d5a98d96b43f49b62f751f37955 (patch) | |
tree | 7ade26bfb6e45563cc8eacd6e34fc42f8205b8fb /sbin/ipfw | |
parent | e2743a028659685a35f3a1537104d6fb50a44692 (diff) | |
download | FreeBSD-src-6ea78090c5694d5a98d96b43f49b62f751f37955.zip FreeBSD-src-6ea78090c5694d5a98d96b43f49b62f751f37955.tar.gz |
Make the "uid" and "gid" code better. Now it can detect invalid user
names/numbers.
Reviewed by: chris
Diffstat (limited to 'sbin/ipfw')
-rw-r--r-- | sbin/ipfw/ipfw.c | 24 |
1 files changed, 20 insertions, 4 deletions
diff --git a/sbin/ipfw/ipfw.c b/sbin/ipfw/ipfw.c index d297119..5a160dc 100644 --- a/sbin/ipfw/ipfw.c +++ b/sbin/ipfw/ipfw.c @@ -1273,27 +1273,43 @@ add(ac,av) while (ac) { if (!strncmp(*av,"uid",strlen(*av))) { struct passwd *pwd; + char *end; + uid_t uid; rule.fw_flg |= IP_FW_F_UID; ac--; av++; if (!ac) show_usage("``uid'' requires argument"); - rule.fw_uid = (pwd = getpwnam(*av)) ? pwd->pw_uid - : strtoul(*av, NULL, 0); + uid = strtoul(*av, &end, 0); + if (*end == '\0') + pwd = getpwuid(uid); + else + pwd = getpwnam(*av); + if (pwd == NULL) + show_usage("uid \"%s\" is nonexistant", *av); + rule.fw_uid = pwd->pw_uid; ac--; av++; continue; } if (!strncmp(*av,"gid",strlen(*av))) { struct group *grp; + char *end; + gid_t gid; rule.fw_flg |= IP_FW_F_GID; ac--; av++; if (!ac) show_usage("``gid'' requires argument"); - rule.fw_gid = (grp = getgrnam(*av)) ? (gid_t)grp->gr_gid - : strtoul(*av, NULL, 0); + gid = strtoul(*av, &end, 0); + if (*end == '\0') + grp = getgrgid(gid); + else + grp = getgrnam(*av); + if (grp == NULL) + show_usage("gid \"%s\" is nonexistant", *av); + rule.fw_gid = grp->gr_gid; ac--; av++; continue; } |