diff options
| author | dteske <dteske@FreeBSD.org> | 2014-03-14 03:37:08 +0000 |
|---|---|---|
| committer | dteske <dteske@FreeBSD.org> | 2014-03-14 03:37:08 +0000 |
| commit | a1988153655a46f5665608c3b5e97555128d93a4 (patch) | |
| tree | c1fe7804690e03ba3fb077fcc9f42781c42cedc8 /usr.sbin/bsdconfig/usermgmt/share | |
| parent | c22d6758dd07021199bab274c8b5aea1a9ccc1d7 (diff) | |
| download | FreeBSD-src-a1988153655a46f5665608c3b5e97555128d93a4.zip FreeBSD-src-a1988153655a46f5665608c3b5e97555128d93a4.tar.gz | |
Add protection against input containing single-quotes (e.g., i18n-users).
Diffstat (limited to 'usr.sbin/bsdconfig/usermgmt/share')
| -rw-r--r-- | usr.sbin/bsdconfig/usermgmt/share/group.subr | 59 | ||||
| -rw-r--r-- | usr.sbin/bsdconfig/usermgmt/share/group_input.subr | 73 |
2 files changed, 97 insertions, 35 deletions
diff --git a/usr.sbin/bsdconfig/usermgmt/share/group.subr b/usr.sbin/bsdconfig/usermgmt/share/group.subr index 0a9c5a9..fb320d1 100644 --- a/usr.sbin/bsdconfig/usermgmt/share/group.subr +++ b/usr.sbin/bsdconfig/usermgmt/share/group.subr @@ -156,10 +156,17 @@ f_group_add() case "$mtag" in X) # Add/Exit - local cmd="pw groupadd -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \ + \"\$group_$var\" _group_$var + done + + local cmd="pw groupadd -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" [ "$group_members" ] && - cmd="$cmd -M '$group_members'" + cmd="$cmd -M '$_group_members'" # Execute the command (break on success) if [ "$group_password_disable" ]; then @@ -196,10 +203,16 @@ f_group_add() esac done else + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + # Form the command - local cmd="pw groupadd -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" - [ "$group_members" ] && cmd="$cmd -M '$group_members'" + local cmd="pw groupadd -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" + [ "$group_members" ] && cmd="$cmd -M '$_group_members'" # Execute the command local retval err @@ -276,8 +289,10 @@ f_group_delete() case "$mtag" in X) # Delete/Exit + local _group_name + f_shell_escape "$group_name" _group_name f_eval_catch $funcname pw 'pw groupdel "%s"' \ - "$group_name" && break + "$_group_name" && break ;; 1) # Group Name (select different group from list) f_dialog_menu_group_list "$group_name" || continue @@ -296,9 +311,10 @@ f_group_delete() esac done else - local retval err + local retval err _group_name + f_shell_escape "$group_name" _group_name f_eval_catch -k err $funcname pw \ - 'pw groupdel "%s"' "$group_name" + "pw groupdel '%s'" "$_group_name" retval=$? if [ $retval -ne $SUCCESS ]; then f_show_err "%s" "$err" @@ -406,10 +422,17 @@ f_group_edit() case "$mtag" in X) # Save/Exit - local cmd="pw groupmod -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \ + \"\$group_$var\" _group_$var + done + + local cmd="pw groupmod -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" [ "$group_members" -o "$null_members" ] && - cmd="$cmd -M '$group_members'" + cmd="$cmd -M '$_group_members'" # Execute the command (break on success) if [ "$group_password_disable" ]; then @@ -451,11 +474,17 @@ f_group_edit() esac done else + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + # Form the command - local cmd="pw groupmod -n '$group_name'" - [ "$group_gid" ] && cmd="$cmd -g '$group_gid'" + local cmd="pw groupmod -n '$_group_name'" + [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'" [ "$group_members" -o "$null_members" ] && - cmd="$cmd -M '$group_members'" + cmd="$cmd -M '$_group_members'" # Execute the command local retval err diff --git a/usr.sbin/bsdconfig/usermgmt/share/group_input.subr b/usr.sbin/bsdconfig/usermgmt/share/group_input.subr index 45d4a4c..2e8c086 100644 --- a/usr.sbin/bsdconfig/usermgmt/share/group_input.subr +++ b/usr.sbin/bsdconfig/usermgmt/share/group_input.subr @@ -53,12 +53,16 @@ f_input_group() f_dprintf "$funcname: Getting info for group \`%s'" "$group" eval "$( pw groupshow "$group" 2> /dev/null | awk -F: ' + function set_value(var, value) { + gsub(/'\''/, "'\''\\'\'\''", value) + printf "group_%s='\'%s\''\n", var, value + } { found = $1 != "" - printf "group_name='\'%s\''\n", $1 - printf "group_password=\n" - printf "group_gid='\'%s\''\n", $3 - printf "group_members='\'%s\''\n", $4 + set_value("name", $1) + set_value("password", "") + set_value("gid", $3) + set_value("members", $4) exit } END { if (!found) print "false" }' )" @@ -80,10 +84,13 @@ f_dialog_menu_group_list() # Add groups from group(5) menu_list="$menu_list $( pw groupshow -a | awk -F: ' - !/^[[:space:]]*(#|$)/ { - printf "'\'%s\'\ \'%s\''\n", $1, $1 - }' - )" + function mprint(tag, item) { + gsub(/'\''/, "'\''\\'\'\''", tag) + gsub(/'\''/, "'\''\\'\'\''", item) + printf "'\'%s\'\ \'%s\''\n", tag, item + } + !/^[[:space:]]*(#|$)/ { mprint($1, $1) } + ' )" local height width rows eval f_dialog_menu_size height width rows \ @@ -331,16 +338,18 @@ f_dialog_input_group_members() X) # Exit break ;; 1) # Select Group Members from a list - local __user_list __length=0 __user __check_list= + local __check_list= # Calculated below + local __user_list __u __user __length=0 __user_list=$( pw usershow -a | awk -F: '!/^[[:space:]]*(#|$)/{print $1}' ) while [ $__length -ne ${#__user_list} ]; do - __user="${__user_list%%$NL*}" # First line + __u="${__user_list%%$NL*}" # First line + f_shell_escape "$__u" __user # Format of a checklist entry: tag item status __check_list="$__check_list '$__user' ''" case "$__input" in - "$__user"|"$__user",*|*,"$__user",*|*,"$__user") + "$__u"|"$__u",*|*,"$__u",*|*,"$__u") __check_list="$__check_list on" ;; *) __check_list="$__check_list off" @@ -416,12 +425,20 @@ f_dialog_menu_group_add() local defaultitem="$1" local hline="$hline_arrows_tab_enter" + # Localize potentially hostile variables and escape their values + # to the local variable (see f_shell_escape() of `strings.subr') + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + menu_list=" 'X' '$msg_add/$msg_exit' - '1' '$msg_group: $group_name' + '1' '$msg_group: $_group_name' '2' '$msg_password: -----' - '3' '$msg_group_id: $group_gid' - '4' '$msg_group_members: $group_members' + '3' '$msg_group_id: $_group_gid' + '4' '$msg_group_members: $_group_members' " # END-QUOTE local height width rows @@ -470,12 +487,20 @@ f_dialog_menu_group_delete() local group_name group_password group_gid group_members f_input_group "$1" + # Localize potentially hostile variables and escape their values + # to the local variable (see f_shell_escape() of `strings.subr') + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + menu_list=" 'X' '$msg_delete/$msg_exit' - '1' '$msg_group: $group_name' + '1' '$msg_group: $_group_name' '-' '$msg_password: -----' - '-' '$msg_group_id: $group_gid' - '-' '$msg_group_members: $group_members' + '-' '$msg_group_id: $_group_gid' + '-' '$msg_group_members: $_group_members' " # END-QUOTE local height width rows @@ -521,12 +546,20 @@ f_dialog_menu_group_edit() local defaultitem="$1" local hline="$hline_arrows_tab_enter" + # Localize potentially hostile variables and escape their values + # to the local variable (see f_shell_escape() of `strings.subr') + local var + for var in gid members name; do + local _group_$var + eval f_shell_escape \"\$group_$var\" _group_$var + done + menu_list=" 'X' '$msg_save/$msg_exit' - '1' '$msg_group: $group_name' + '1' '$msg_group: $_group_name' '2' '$msg_password: -----' - '3' '$msg_group_id: $group_gid' - '4' '$msg_group_members: $group_members' + '3' '$msg_group_id: $_group_gid' + '4' '$msg_group_members: $_group_members' " # END-QUOTE local height width rows |
