From 5df8300abf919431bbeedfbabfa605cf95f01080 Mon Sep 17 00:00:00 2001 From: bapt Date: Wed, 2 Dec 2015 22:01:37 +0000 Subject: Fix handling of numeric-only names with pw lock Add a regression test about it PR: 204968 MFC after: 1 week --- usr.sbin/pw/pw_user.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'usr.sbin/pw/pw_user.c') diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c index 5c168ab..61c2440 100644 --- a/usr.sbin/pw/pw_user.c +++ b/usr.sbin/pw/pw_user.c @@ -274,7 +274,7 @@ pw_userlock(char *arg1, int mode) char *passtmp = NULL; char *name; bool locked = false; - uid_t id; + uid_t id = (uid_t)-1; if (geteuid() != 0) errx(EX_NOPERM, "you must be root"); @@ -282,16 +282,19 @@ pw_userlock(char *arg1, int mode) if (arg1 == NULL) errx(EX_DATAERR, "username or id required"); - if (arg1[strspn(arg1, "0123456789")] == '\0') { - id = pw_checkid(arg1, UID_MAX); - name = NULL; - } else - name = arg1; + name = arg1; + if (arg1[strspn(name, "0123456789")] == '\0') + id = pw_checkid(name, UID_MAX); - pwd = (name != NULL) ? GETPWNAM(pw_checkname(name, 0)) : GETPWUID(id); + pwd = GETPWNAM(pw_checkname(name, 0)); + if (pwd == NULL && id != (uid_t)-1) { + pwd = GETPWUID(id); + if (pwd != NULL) + name = pwd->pw_name; + } if (pwd == NULL) { - if (name == NULL) - errx(EX_NOUSER, "no such uid `%ju'", (uintmax_t) id); + if (id == (uid_t)-1) + errx(EX_NOUSER, "no such name or uid `%ju'", (uintmax_t) id); errx(EX_NOUSER, "no such user `%s'", name); } -- cgit v1.1