LXR busybox/libpwdgrp/pwd

   1/* vi: set sw=4 ts=4: */
   2/*
   3 * Copyright (C) 2014 Tito Ragusa <farmatito@tiscali.it>
   4 *
   5 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
   6 */
   7/* This program is distributed in the hope that it will be useful,
   8 * but WITHOUT ANY WARRANTY!!
   9 *
  10 * Rewrite of some parts. Main differences are:
  11 *
  12 * 1) the buffer for getpwuid, getgrgid, getpwnam, getgrnam is dynamically
  13 *    allocated.
  14 *    If ENABLE_FEATURE_CLEAN_UP is set the buffers are freed at program
  15 *    exit using the atexit function to make valgrind happy.
  16 * 2) the passwd/group files:
  17 *      a) must contain the expected number of fields (as per count of field
  18 *         delimiters ":") or we will complain with a error message.
  19 *      b) leading and trailing whitespace in fields is stripped.
  20 *      c) some fields are not allowed to be empty (e.g. username, uid/gid),
  21 *         and in this case NULL is returned and errno is set to EINVAL.
  22 *         This behaviour could be easily changed by modifying PW_DEF, GR_DEF,
  23 *         SP_DEF strings (uppercase makes a field mandatory).
  24 *      d) the string representing uid/gid must be convertible by strtoXX
  25 *         functions, or errno is set to EINVAL.
  26 *      e) leading and trailing whitespace in group member names is stripped.
  27 * 3) the internal function for getgrouplist uses dynamically allocated buffer.
  28 * 4) at the moment only the functions really used by busybox code are
  29 *    implemented, if you need a particular missing function it should be
  30 *    easy to write it by using the internal common code.
  31 */
  32#include "libbb.h"
  33
  34struct const_passdb {
  35        const char *filename;
  36        char def[7 + 2*ENABLE_USE_BB_SHADOW];
  37        uint8_t off[7 + 2*ENABLE_USE_BB_SHADOW];
  38        uint8_t numfields;
  39        uint8_t size_of;
  40};
  41struct passdb {
  42        const char *filename;
  43        char def[7 + 2*ENABLE_USE_BB_SHADOW];
  44        uint8_t off[7 + 2*ENABLE_USE_BB_SHADOW];
  45        uint8_t numfields;
  46        uint8_t size_of;
  47        FILE *fp;
  48        char *malloced;
  49};
  50/* Note: for shadow db, def[] will not contain terminating NUL,
  51 * but convert_to_struct() logic detects def[] end by "less than SP?",
  52 * not by "is it NUL?" condition; and off[0] happens to be zero
  53 * for every db anyway, so there _is_ in fact a terminating NUL there.
  54 */
  55
  56/* S = string not empty, s = string maybe empty,
  57 * I = uid,gid, l = long maybe empty, m = members,
  58 * r = reserved
  59 */
  60#define PW_DEF "SsIIsss"
  61#define GR_DEF "SsIm"
  62#define SP_DEF "Ssllllllr"
  63
  64static const struct const_passdb const_pw_db = {
  65        _PATH_PASSWD, PW_DEF,
  66        {
  67                offsetof(struct passwd, pw_name),       /* 0 S */
  68                offsetof(struct passwd, pw_passwd),     /* 1 s */
  69                offsetof(struct passwd, pw_uid),        /* 2 I */
  70                offsetof(struct passwd, pw_gid),        /* 3 I */
  71                offsetof(struct passwd, pw_gecos),      /* 4 s */
  72                offsetof(struct passwd, pw_dir),        /* 5 s */
  73                offsetof(struct passwd, pw_shell)       /* 6 s */
  74        },
  75        sizeof(PW_DEF)-1, sizeof(struct passwd)
  76};
  77static const struct const_passdb const_gr_db = {
  78        _PATH_GROUP, GR_DEF,
  79        {
  80                offsetof(struct group, gr_name),        /* 0 S */
  81                offsetof(struct group, gr_passwd),      /* 1 s */
  82                offsetof(struct group, gr_gid),         /* 2 I */
  83                offsetof(struct group, gr_mem)          /* 3 m (char **) */
  84        },
  85        sizeof(GR_DEF)-1, sizeof(struct group)
  86};
  87#if ENABLE_USE_BB_SHADOW
  88static const struct const_passdb const_sp_db = {
  89        _PATH_SHADOW, SP_DEF,
  90        {
  91                offsetof(struct spwd, sp_namp),         /* 0 S Login name */
  92                offsetof(struct spwd, sp_pwdp),         /* 1 s Encrypted password */
  93                offsetof(struct spwd, sp_lstchg),       /* 2 l */
  94                offsetof(struct spwd, sp_min),          /* 3 l */
  95                offsetof(struct spwd, sp_max),          /* 4 l */
  96                offsetof(struct spwd, sp_warn),         /* 5 l */
  97                offsetof(struct spwd, sp_inact),        /* 6 l */
  98                offsetof(struct spwd, sp_expire),       /* 7 l */
  99                offsetof(struct spwd, sp_flag)          /* 8 r Reserved */
 100        },
 101        sizeof(SP_DEF)-1, sizeof(struct spwd)
 102};
 103#endif
 104
 105/* We avoid having big global data. */
 106struct statics {
 107        /* We use same buffer (db[0].malloced) for getpwuid and getpwnam.
 108         * Manpage says:
 109         * "The return value may point to a static area, and may be overwritten
 110         * by subsequent calls to getpwent(), getpwnam(), or getpwuid()."
 111         */
 112        struct passdb db[2 + ENABLE_USE_BB_SHADOW];
 113        char *tokenize_end;
 114        unsigned string_size;
 115};
 116
 117static struct statics *ptr_to_statics;
 118#define S     (*ptr_to_statics)
 119#define has_S (ptr_to_statics)
 120
 121#if ENABLE_FEATURE_CLEAN_UP
 122static void free_static(void)
 123{
 124        free(S.db[0].malloced);
 125        free(S.db[1].malloced);
 126# if ENABLE_USE_BB_SHADOW
 127        free(S.db[2].malloced);
 128# endif
 129        free(ptr_to_statics);
 130}
 131#endif
 132
 133static struct statics *get_S(void)
 134{
 135        if (!ptr_to_statics) {
 136                ptr_to_statics = xzalloc(sizeof(S));
 137                memcpy(&S.db[0], &const_pw_db, sizeof(const_pw_db));
 138                memcpy(&S.db[1], &const_gr_db, sizeof(const_gr_db));
 139#if ENABLE_USE_BB_SHADOW
 140                memcpy(&S.db[2], &const_sp_db, sizeof(const_sp_db));
 141#endif
 142#if ENABLE_FEATURE_CLEAN_UP
 143                atexit(free_static);
 144#endif
 145        }
 146        return ptr_to_statics;
 147}
 148
 149/* Internal functions */
 150
 151/* Divide the passwd/group/shadow record in fields
 152 * by substituting the given delimiter
 153 * e.g. ':' or ',' with '\0'.
 154 * Returns the number of fields found.
 155 * Strips leading and trailing whitespace in fields.
 156 */
 157static int tokenize(char *buffer, int ch)
 158{
 159        char *p = buffer;
 160        char *s = p;
 161        int num_fields = 0;
 162
 163        for (;;) {
 164                if (isblank(*s)) {
 165                        overlapping_strcpy(s, skip_whitespace(s));
 166                }
 167                if (*p == ch || *p == '\0') {
 168                        char *end = p;
 169                        while (p != s && isblank(p[-1]))
 170                                p--;
 171                        if (p != end)
 172                                overlapping_strcpy(p, end);
 173                        num_fields++;
 174                        if (*end == '\0') {
 175                                S.tokenize_end = p + 1;
 176                                return num_fields;
 177                        }
 178                        *p = '\0';
 179                        s = p + 1;
 180                }
 181                p++;
 182        }
 183}
 184
 185/* Returns !NULL on success and matching line broken up in fields by '\0' in buf.
 186 * We require the expected number of fields to be found.
 187 */
 188static char *parse_common(FILE *fp, struct passdb *db,
 189                const char *key, int field_pos)
 190{
 191        char *buf;
 192
 193        while ((buf = xmalloc_fgetline(fp)) != NULL) {
 194                int n;
 195                char *field;
 196
 197                /* Skip empty lines, comment lines */
 198                if (buf[0] == '\0' || buf[0] == '#')
 199                        goto free_and_next;
 200                if (tokenize(buf, ':') != db->numfields) {
 201                        /* number of fields is wrong */
 202                        bb_error_msg("%s: bad record", db->filename);
 203                        goto free_and_next;
 204                }
 205
 206                if (field_pos == -1) {
 207                        /* no key specified: sequential read, return a record */
 208                        break;
 209                }
 210                /* Can't use nth_string() here, it does not allow empty strings
 211                 * ("\0\0" terminates the list), and a valid passwd entry
 212                 * "user::UID:GID..." would be mishandled */
 213                n = field_pos;
 214                field = buf;
 215                while (n) {
 216                        n--;
 217                        field += strlen(field) + 1;
 218                }
 219                if (strcmp(key, field) == 0) {
 220                        /* record found */
 221                        break;
 222                }
 223 free_and_next:
 224                free(buf);
 225        }
 226
 227        S.string_size = S.tokenize_end - buf;
 228/*
 229 * Ugly hack: group db requires additional buffer space
 230 * for members[] array. If there is only one group, we need space
 231 * for 3 pointers: alignment padding, group name, NULL.
 232 * +1 for every additional group.
 233 */
 234        if (buf && db->numfields == sizeof(GR_DEF)-1) { /* if we read group file... */
 235                int cnt = 3;
 236                char *p = buf;
 237                while (p < S.tokenize_end)
 238                        if (*p++ == ',')
 239                                cnt++;
 240                S.string_size += cnt * sizeof(char*);
 241//bb_error_msg("+%d words = %u key:%s buf:'%s'", cnt, S.string_size, key, buf);
 242                buf = xrealloc(buf, S.string_size);
 243        }
 244
 245        return buf;
 246}
 247
 248static char *parse_file(struct passdb *db,
 249                const char *key, int field_pos)
 250{
 251        char *buf = NULL;
 252        FILE *fp = fopen_for_read(db->filename);
 253
 254        if (fp) {
 255                buf = parse_common(fp, db, key, field_pos);
 256                fclose(fp);
 257        }
 258        return buf;
 259}
 260
 261/* Convert passwd/group/shadow file record in buffer to a struct */
 262static void *convert_to_struct(struct passdb *db,
 263                char *buffer, void *result)
 264{
 265        const char *def = db->def;
 266        const uint8_t *off = db->off;
 267
 268        /* For consistency, zero out all fields */
 269        memset(result, 0, db->size_of);
 270
 271        for (;;) {
 272                void *member = (char*)result + (*off++);
 273
 274                if ((*def | 0x20) == 's') { /* s or S */
 275                        *(char **)member = (char*)buffer;
 276                        if (!buffer[0] && (*def == 'S')) {
 277                                errno = EINVAL;
 278                        }
 279                }
 280                if (*def == 'I') {
 281                        *(int *)member = bb_strtou(buffer, NULL, 10);
 282                }
 283#if ENABLE_USE_BB_SHADOW
 284                if (*def == 'l') {
 285                        long n = -1;
 286                        if (buffer[0])
 287                                n = bb_strtol(buffer, NULL, 10);
 288                        *(long *)member = n;
 289                }
 290#endif
 291                if (*def == 'm') {
 292                        char **members;
 293                        int i = tokenize(buffer, ',');
 294
 295                        /* Store members[] after buffer's end.
 296                         * This is safe ONLY because there is a hack
 297                         * in parse_common() which allocates additional space
 298                         * at the end of malloced buffer!
 299                         */
 300                        members = (char **)
 301                                ( ((intptr_t)S.tokenize_end + sizeof(members[0]))
 302                                & -(intptr_t)sizeof(members[0])
 303                                );
 304                        ((struct group *)result)->gr_mem = members;
 305                        while (--i >= 0) {
 306                                if (buffer[0]) {
 307                                        *members++ = buffer;
 308                                        // bb_error_msg("member[]='%s'", buffer);
 309                                }
 310                                buffer += strlen(buffer) + 1;
 311                        }
 312                        *members = NULL;
 313                }
 314                /* def "r" does nothing */
 315
 316                def++;
 317                if ((unsigned char)*def <= (unsigned char)' ')
 318                        break;
 319                buffer += strlen(buffer) + 1;
 320        }
 321
 322        if (errno)
 323                result = NULL;
 324        return result;
 325}
 326
 327static int massage_data_for_r_func(struct passdb *db,
 328                char *buffer, size_t buflen,
 329                void **result,
 330                char *buf)
 331{
 332        void *result_buf = *result;
 333        *result = NULL;
 334        if (buf) {
 335                if (S.string_size > buflen) {
 336                        errno = ERANGE;
 337                } else {
 338                        memcpy(buffer, buf, S.string_size);
 339                        *result = convert_to_struct(db, buffer, result_buf);
 340                }
 341                free(buf);
 342        }
 343        /* "The reentrant functions return zero on success.
 344         * In case of error, an error number is returned."
 345         * NB: not finding the record is also a "success" here:
 346         */
 347        return errno;
 348}
 349
 350static void* massage_data_for_non_r_func(struct passdb *db, char *buf)
 351{
 352        if (!buf)
 353                return NULL;
 354
 355        free(db->malloced);
 356        /* We enlarge buf and move string data up, freeing space
 357         * for struct passwd/group/spwd at the beginning. This way,
 358         * entire result of getXXnam is in a single malloced block.
 359         * This enables easy creation of xmalloc_getpwnam() API.
 360         */
 361        db->malloced = buf = xrealloc(buf, db->size_of + S.string_size);
 362        memmove(buf + db->size_of, buf, S.string_size);
 363        return convert_to_struct(db, buf + db->size_of, buf);
 364}
 365
 366/****** getXXnam/id_r */
 367
 368static int FAST_FUNC getXXnam_r(const char *name, uintptr_t db_and_field_pos,
 369                char *buffer, size_t buflen,
 370                void *result)
 371{
 372        char *buf;
 373        struct passdb *db = &get_S()->db[db_and_field_pos >> 2];
 374
 375        buf = parse_file(db, name, 0 /*db_and_field_pos & 3*/);
 376        /* "db_and_field_pos & 3" is commented out since so far we don't implement
 377         * getXXXid_r() functions which would use that to pass 2 here */
 378
 379        return massage_data_for_r_func(db, buffer, buflen, result, buf);
 380}
 381
 382int FAST_FUNC getpwnam_r(const char *name, struct passwd *struct_buf,
 383                char *buffer, size_t buflen,
 384                struct passwd **result)
 385{
 386        /* Why the "store buffer address in result" trick?
 387         * This way, getXXnam_r has the same ABI signature as getpwnam_r,
 388         * hopefully compiler can optimize tail call better in this case.
 389         */
 390        *result = struct_buf;
 391        return getXXnam_r(name, (0 << 2) + 0, buffer, buflen, result);
 392}
 393#if ENABLE_USE_BB_SHADOW
 394int FAST_FUNC getspnam_r(const char *name, struct spwd *struct_buf, char *buffer, size_t buflen,
 395                struct spwd **result)
 396{
 397        *result = struct_buf;
 398        return getXXnam_r(name, (2 << 2) + 0, buffer, buflen, result);
 399}
 400#endif
 401
 402#ifdef UNUSED
 403/****** getXXent_r */
 404
 405static int FAST_FUNC getXXent_r(uintptr_t db_idx, char *buffer, size_t buflen,
 406                void *result)
 407{
 408        char *buf;
 409        struct passdb *db = &get_S()->db[db_idx];
 410
 411        if (!db->fp) {
 412                db->fp = fopen_for_read(db->filename);
 413                if (!db->fp) {
 414                        return errno;
 415                }
 416                close_on_exec_on(fileno(db->fp));
 417        }
 418
 419        buf = parse_common(db->fp, db, /*no search key:*/ NULL, -1);
 420        if (!buf && !errno)
 421                errno = ENOENT;
 422        return massage_data_for_r_func(db, buffer, buflen, result, buf);
 423}
 424
 425int FAST_FUNC getpwent_r(struct passwd *struct_buf, char *buffer, size_t buflen,
 426                struct passwd **result)
 427{
 428        *result = struct_buf;
 429        return getXXent_r(0, buffer, buflen, result);
 430}
 431#endif
 432
 433/****** getXXent */
 434
 435static void* FAST_FUNC getXXent(uintptr_t db_idx)
 436{
 437        char *buf;
 438        struct passdb *db = &get_S()->db[db_idx];
 439
 440        if (!db->fp) {
 441                db->fp = fopen_for_read(db->filename);
 442                if (!db->fp) {
 443                        return NULL;
 444                }
 445                close_on_exec_on(fileno(db->fp));
 446        }
 447
 448        buf = parse_common(db->fp, db, /*no search key:*/ NULL, -1);
 449        return massage_data_for_non_r_func(db, buf);
 450}
 451
 452struct passwd* FAST_FUNC getpwent(void)
 453{
 454        return getXXent(0);
 455}
 456
 457/****** getXXnam/id */
 458
 459static void* FAST_FUNC getXXnam(const char *name, unsigned db_and_field_pos)
 460{
 461        char *buf;
 462        struct passdb *db = &get_S()->db[db_and_field_pos >> 2];
 463
 464        buf = parse_file(db, name, db_and_field_pos & 3);
 465        return massage_data_for_non_r_func(db, buf);
 466}
 467
 468struct passwd* FAST_FUNC getpwnam(const char *name)
 469{
 470        return getXXnam(name, (0 << 2) + 0);
 471}
 472struct group* FAST_FUNC getgrnam(const char *name)
 473{
 474        return getXXnam(name, (1 << 2) + 0);
 475}
 476struct passwd* FAST_FUNC getpwuid(uid_t id)
 477{
 478        return getXXnam(utoa(id), (0 << 2) + 2);
 479}
 480struct group* FAST_FUNC getgrgid(gid_t id)
 481{
 482        return getXXnam(utoa(id), (1 << 2) + 2);
 483}
 484
 485/****** end/setXXend */
 486
 487void FAST_FUNC endpwent(void)
 488{
 489        if (has_S && S.db[0].fp) {
 490                fclose(S.db[0].fp);
 491                S.db[0].fp = NULL;
 492        }
 493}
 494void FAST_FUNC setpwent(void)
 495{
 496        if (has_S && S.db[0].fp) {
 497                rewind(S.db[0].fp);
 498        }
 499}
 500void FAST_FUNC endgrent(void)
 501{
 502        if (has_S && S.db[1].fp) {
 503                fclose(S.db[1].fp);
 504                S.db[1].fp = NULL;
 505        }
 506}
 507
 508/****** initgroups and getgrouplist */
 509
 510static gid_t* FAST_FUNC getgrouplist_internal(int *ngroups_ptr,
 511                const char *user, gid_t gid)
 512{
 513        FILE *fp;
 514        gid_t *group_list;
 515        int ngroups;
 516
 517        /* We alloc space for 8 gids at a time. */
 518        group_list = xzalloc(8 * sizeof(group_list[0]));
 519        group_list[0] = gid;
 520        ngroups = 1;
 521
 522        fp = fopen_for_read(_PATH_GROUP);
 523        if (fp) {
 524                struct passdb *db = &get_S()->db[1];
 525                char *buf;
 526                while ((buf = parse_common(fp, db, NULL, -1)) != NULL) {
 527                        char **m;
 528                        struct group group;
 529                        if (!convert_to_struct(db, buf, &group))
 530                                goto next;
 531                        if (group.gr_gid == gid)
 532                                goto next;
 533                        for (m = group.gr_mem; *m; m++) {
 534                                if (strcmp(*m, user) != 0)
 535                                        continue;
 536                                group_list = xrealloc_vector(group_list, /*8=2^3:*/ 3, ngroups);
 537                                group_list[ngroups++] = group.gr_gid;
 538                                goto next;
 539                        }
 540 next:
 541                        free(buf);
 542                }
 543                fclose(fp);
 544        }
 545        *ngroups_ptr = ngroups;
 546        return group_list;
 547}
 548
 549int FAST_FUNC initgroups(const char *user, gid_t gid)
 550{
 551        int ngroups;
 552        gid_t *group_list = getgrouplist_internal(&ngroups, user, gid);
 553
 554        ngroups = setgroups(ngroups, group_list);
 555        free(group_list);
 556        return ngroups;
 557}
 558
 559int FAST_FUNC getgrouplist(const char *user, gid_t gid, gid_t *groups, int *ngroups)
 560{
 561        int ngroups_old = *ngroups;
 562        gid_t *group_list = getgrouplist_internal(ngroups, user, gid);
 563
 564        if (*ngroups <= ngroups_old) {
 565                ngroups_old = *ngroups;
 566                memcpy(groups, group_list, ngroups_old * sizeof(groups[0]));
 567        } else {
 568                ngroups_old = -1;
 569        }
 570        free(group_list);
 571        return ngroups_old;
 572}
 573