diff options
author | bapt <bapt@FreeBSD.org> | 2015-07-28 21:10:58 +0000 |
---|---|---|
committer | bapt <bapt@FreeBSD.org> | 2015-07-28 21:10:58 +0000 |
commit | ae6e75a0368f864fa5e7370c164dcd8790d53650 (patch) | |
tree | 82c9c411d410f52f3c10b0ce3e5ae4e9d36d7317 /usr.sbin | |
parent | 39f3813b41e9677f563696f0ce3f25d9f82adc71 (diff) | |
download | FreeBSD-src-ae6e75a0368f864fa5e7370c164dcd8790d53650.zip FreeBSD-src-ae6e75a0368f864fa5e7370c164dcd8790d53650.tar.gz |
Check uid/gid used when creating a user/group are not larger than UID_MAX/GID_MAX
PR: 173977
Reported by: nvass@gmx.com
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/pw/pw.c | 4 | ||||
-rw-r--r-- | usr.sbin/pw/tests/Makefile | 1 | ||||
-rwxr-xr-x | usr.sbin/pw/tests/pw_groupadd.sh | 15 | ||||
-rwxr-xr-x | usr.sbin/pw/tests/pw_useradd.sh | 8 |
4 files changed, 26 insertions, 2 deletions
diff --git a/usr.sbin/pw/pw.c b/usr.sbin/pw/pw.c index 3db427a..c1d9cd3 100644 --- a/usr.sbin/pw/pw.c +++ b/usr.sbin/pw/pw.c @@ -269,7 +269,7 @@ main(int argc, char *argv[]) } if (strspn(optarg, "0123456789") != strlen(optarg)) errx(EX_USAGE, "-g expects a number"); - id = strtonum(optarg, 0, LONG_MAX, &errstr); + id = strtonum(optarg, 0, GID_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "Bad id '%s': %s", optarg, errstr); @@ -281,7 +281,7 @@ main(int argc, char *argv[]) addarg(&arglist, 'u', optarg); break; } - id = strtonum(optarg, 0, LONG_MAX, &errstr); + id = strtonum(optarg, 0, UID_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "Bad id '%s': %s", optarg, errstr); diff --git a/usr.sbin/pw/tests/Makefile b/usr.sbin/pw/tests/Makefile index 193b8ab..c43285f 100644 --- a/usr.sbin/pw/tests/Makefile +++ b/usr.sbin/pw/tests/Makefile @@ -8,6 +8,7 @@ TESTSDIR= ${TESTSBASE}/usr.sbin/pw ATF_TESTS_SH= pw_etcdir \ pw_lock \ pw_config \ + pw_groupadd \ pw_groupdel \ pw_groupmod \ pw_useradd \ diff --git a/usr.sbin/pw/tests/pw_groupadd.sh b/usr.sbin/pw/tests/pw_groupadd.sh new file mode 100755 index 0000000..9c8fdf1 --- /dev/null +++ b/usr.sbin/pw/tests/pw_groupadd.sh @@ -0,0 +1,15 @@ +# $FreeBSD$ + +# Import helper functions +. $(atf_get_srcdir)/helper_functions.shin + +atf_test_case group_add_gid_too_large +group_add_gid_too_large_body() { + populate_etc_skel + atf_check -s exit:64 -e inline:"pw: Bad id '9999999999999': too large\n" \ + ${PW} groupadd -n test1 -g 9999999999999 +} + +atf_init_test_cases() { + atf_add_test_case group_add_gid_too_large +} diff --git a/usr.sbin/pw/tests/pw_useradd.sh b/usr.sbin/pw/tests/pw_useradd.sh index 880dab5..7306387 100755 --- a/usr.sbin/pw/tests/pw_useradd.sh +++ b/usr.sbin/pw/tests/pw_useradd.sh @@ -289,6 +289,13 @@ user_add_uid0_body() { -s exit:0 ${PW} usershow foo } +atf_test_case user_add_uid_too_large +user_add_uid_too_large_body() { + populate_etc_skel + atf_check -s exit:64 -e inline:"pw: Bad id '9999999999999': too large\n" \ + ${PW} useradd -n test1 -u 9999999999999 +} + atf_init_test_cases() { atf_add_test_case user_add atf_add_test_case user_add_noupdate @@ -313,4 +320,5 @@ atf_init_test_cases() { atf_add_test_case user_add_R atf_add_test_case user_add_skel atf_add_test_case user_add_uid0 + atf_add_test_case user_add_uid_too_large } |