Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 157542 Details for
Bug 245181
config doesn't allow paths with spaces
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
patch
pam-0.99.6.2-namespace-config-parse.patch (text/plain), 8.97 KB, created by
Ted X Toth
on 2007-06-21 14:34:28 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Ted X Toth
Created:
2007-06-21 14:34:28 UTC
Size:
8.97 KB
patch
obsolete
>--- Linux-PAM-0.99.6.2/modules/pam_namespace/argv_parse.c 1969-12-31 18:00:00.000000000 -0600 >+++ Linux-PAM-0.99.6.2.new/modules/pam_namespace/argv_parse.c 2007-06-22 14:41:24.000000000 -0500 >@@ -0,0 +1,164 @@ >+/* >+ * argv_parse.c --- utility function for parsing a string into a >+ * argc, argv array. >+ * >+ * This file defines a function argv_parse() which parsing a >+ * passed-in string, handling double quotes and backslashes, and >+ * creates an allocated argv vector which can be freed using the >+ * argv_free() function. >+ * >+ * See argv_parse.h for the formal definition of the functions. >+ * >+ * Copyright 1999 by Theodore Ts'o. >+ * >+ * Permission to use, copy, modify, and distribute this software for >+ * any purpose with or without fee is hereby granted, provided that >+ * the above copyright notice and this permission notice appear in all >+ * copies. THE SOFTWARE IS PROVIDED "AS IS" AND THEODORE TS'O (THE >+ * AUTHOR) DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, >+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. >+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, >+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER >+ * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION >+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR >+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. (Isn't >+ * it sick that the U.S. culture of lawsuit-happy lawyers requires >+ * this kind of disclaimer?) >+ * >+ * Version 1.1, modified 2/27/1999 >+ */ >+ >+#include <stdlib.h> >+#include <ctype.h> >+#include <string.h> >+#include "argv_parse.h" >+ >+#define STATE_WHITESPACE 1 >+#define STATE_TOKEN 2 >+#define STATE_QUOTED 3 >+ >+/* >+ * Returns 0 on success, -1 on failure. >+ */ >+int argv_parse(char *in_buf, int *ret_argc, char ***ret_argv) >+{ >+ int argc = 0, max_argc = 0; >+ char **argv, **new_argv, *buf, ch; >+ char *cp = 0, *outcp = 0; >+ int state = STATE_WHITESPACE; >+ >+ buf = malloc(strlen(in_buf)+1); >+ if (!buf) >+ return -1; >+ >+ max_argc = 0; argc = 0; argv = 0; >+ outcp = buf; >+ for (cp = in_buf; (ch = *cp); cp++) { >+ if (state == STATE_WHITESPACE) { >+ if (isspace((int) ch)) >+ continue; >+ /* Not whitespace, so start a new token */ >+ state = STATE_TOKEN; >+ if (argc >= max_argc) { >+ max_argc += 3; >+ new_argv = realloc(argv, >+ (max_argc+1)*sizeof(char *)); >+ if (!new_argv) { >+ if (argv) free(argv); >+ free(buf); >+ return -1; >+ } >+ argv = new_argv; >+ } >+ argv[argc++] = outcp; >+ } >+ if (state == STATE_QUOTED) { >+ if (ch == '"') >+ state = STATE_TOKEN; >+ else >+ *outcp++ = ch; >+ continue; >+ } >+ /* Must be processing characters in a word */ >+ if (isspace((int) ch)) { >+ /* >+ * Terminate the current word and start >+ * looking for the beginning of the next word. >+ */ >+ *outcp++ = 0; >+ state = STATE_WHITESPACE; >+ continue; >+ } >+ if (ch == '"') { >+ state = STATE_QUOTED; >+ continue; >+ } >+ if (ch == '\\') { >+ ch = *++cp; >+ switch (ch) { >+ case '\0': >+ ch = '\\'; cp--; break; >+ case 'n': >+ ch = '\n'; break; >+ case 't': >+ ch = '\t'; break; >+ case 'b': >+ ch = '\b'; break; >+ } >+ } >+ *outcp++ = ch; >+ } >+ if (state != STATE_WHITESPACE) >+ *outcp++ = '\0'; >+ if (argv == 0) { >+ argv = malloc(sizeof(char *)); >+ free(buf); >+ } >+ argv[argc] = 0; >+ if (ret_argc) >+ *ret_argc = argc; >+ if (ret_argv) >+ *ret_argv = argv; >+ return 0; >+} >+ >+void argv_free(char **argv) >+{ >+ if (*argv) >+ free(*argv); >+ free(argv); >+} >+ >+#ifdef DEBUG >+/* >+ * For debugging >+ */ >+ >+#include <stdio.h> >+ >+int main(int argc, char **argv) >+{ >+ int ac, ret; >+ char **av, **cpp; >+ char buf[256]; >+ >+ while (!feof(stdin)) { >+ if (fgets(buf, sizeof(buf), stdin) == NULL) >+ break; >+ ret = argv_parse(buf, &ac, &av); >+ if (ret != 0) { >+ printf("Argv_parse returned %d!\n", ret); >+ continue; >+ } >+ printf("Argv_parse returned %d arguments...\n", ac); >+ for (cpp = av; *cpp; cpp++) { >+ if (cpp != av) >+ printf(", "); >+ printf("'%s'", *cpp); >+ } >+ printf("\n"); >+ argv_free(av); >+ } >+ exit(0); >+} >+#endif >--- Linux-PAM-0.99.6.2/modules/pam_namespace/argv_parse.h 1969-12-31 18:00:00.000000000 -0600 >+++ Linux-PAM-0.99.6.2.new/modules/pam_namespace/argv_parse.h 2007-06-22 14:41:24.000000000 -0500 >@@ -0,0 +1,43 @@ >+/* >+ * argv_parse.h --- header file for the argv parser. >+ * >+ * This file defines the interface for the functions argv_parse() and >+ * argv_free(). >+ * >+ *********************************************************************** >+ * int argv_parse(char *in_buf, int *ret_argc, char ***ret_argv) >+ * >+ * This function takes as its first argument a string which it will >+ * parse into an argv argument vector, with each white-space separated >+ * word placed into its own slot in the argv. This function handles >+ * double quotes and backslashes so that the parsed words can contain >+ * special characters. The count of the number words found in the >+ * parsed string, as well as the argument vector, are returned into >+ * ret_argc and ret_argv, respectively. >+ *********************************************************************** >+ * extern void argv_free(char **argv); >+ * >+ * This function frees the argument vector created by argv_parse(). >+ *********************************************************************** >+ * >+ * Copyright 1999 by Theodore Ts'o. >+ * >+ * Permission to use, copy, modify, and distribute this software for >+ * any purpose with or without fee is hereby granted, provided that >+ * the above copyright notice and this permission notice appear in all >+ * copies. THE SOFTWARE IS PROVIDED "AS IS" AND THEODORE TS'O (THE >+ * AUTHOR) DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, >+ * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. >+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, >+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER >+ * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION >+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR >+ * IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. (Isn't >+ * it sick that the U.S. culture of lawsuit-happy lawyers requires >+ * this kind of disclaimer?) >+ * >+ * Version 1.1, modified 2/27/1999 >+ */ >+ >+extern int argv_parse(char *in_buf, int *ret_argc, char ***ret_argv); >+extern void argv_free(char **argv); >--- Linux-PAM-0.99.6.2/modules/pam_namespace/Makefile.am 2007-06-22 15:02:25.000000000 -0500 >+++ Linux-PAM-0.99.6.2.new/modules/pam_namespace/Makefile.am 2007-06-22 15:02:48.000000000 -0500 >@@ -32,7 +32,7 @@ > > if HAVE_UNSHARE > securelib_LTLIBRARIES = pam_namespace.la >-pam_namespace_la_SOURCES = pam_namespace.c pam_namespace.h md5.c md5.h >+pam_namespace_la_SOURCES = pam_namespace.c pam_namespace.h md5.c md5.h argv_parse.c argv_parse.h > > secureconf_DATA = namespace.conf > secureconf_SCRIPTS = namespace.init >--- Linux-PAM-0.99.6.2/modules/pam_namespace/pam_namespace.c 2007-06-23 05:21:09.000000000 -0500 >+++ Linux-PAM-0.99.6.2.new/modules/pam_namespace/pam_namespace.c 2007-06-23 05:22:00.000000000 -0500 >@@ -32,7 +32,7 @@ > > #include "pam_namespace.h" > #include "libpam/pam_private.h" >- >+#include "argv_parse.h" > /* > * Copies the contents of ent into pent > */ >@@ -138,7 +138,9 @@ > char *tptr; > struct polydir_s poly; > int retval = 0; >- >+ int num_config_options = 0; >+ char **config_options = NULL; >+ > poly.uid = NULL; > poly.num_uids = 0; > >@@ -172,17 +174,23 @@ > * Initialize and scan the five strings from the line from the > * namespace configuration file. > */ >- dir = strtok_r(line, " \t", &tptr); >+ retval = argv_parse(line, &num_config_options, &config_options); >+ if (retval != 0) { >+ pam_syslog(idata->pamh, LOG_NOTICE, "Invalid line missing polydir"); >+ goto skipping; >+ } >+ >+ dir = config_options[0]; > if (dir == NULL) { > pam_syslog(idata->pamh, LOG_NOTICE, "Invalid line missing polydir"); > goto skipping; > } >- instance_prefix = strtok_r(NULL, " \t", &tptr); >+ instance_prefix = config_options[1]; > if (instance_prefix == NULL) { > pam_syslog(idata->pamh, LOG_NOTICE, "Invalid line missing instance_prefix"); > goto skipping; > } >- method = strtok_r(NULL, " \t", &tptr); >+ method = config_options[2]; > if (method == NULL) { > pam_syslog(idata->pamh, LOG_NOTICE, "Invalid line missing method"); > goto skipping; >@@ -194,7 +202,7 @@ > * any of the other fields are blank, the line is incomplete so > * skip it. > */ >- uids = strtok_r(NULL, " \t", &tptr); >+ uids = config_options[3]; > > /* > * Expand $HOME in dir >@@ -232,6 +240,7 @@ > */ > if ((dir[0] != '/') || (instance_prefix[0] != '/')) { > pam_syslog(idata->pamh, LOG_NOTICE,"Pathnames must start with '/'"); >+ pam_syslog(idata->pamh, LOG_NOTICE,"Pathnames '%s' '%s'", dir, instance_prefix); > goto skipping; > } > if (strstr(dir, "..") || strstr(instance_prefix, "..")) { >@@ -335,6 +344,7 @@ > else > retval = PAM_SERVICE_ERR; > out: >+ argv_free(config_options); > return retval; > } >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 245181
: 157542