History log of /src/lib/libutil/passwd.c
Revision | | Date | Author | Comments |
1.53 |
| 24-Jun-2018 |
kamil | Prevent underflow buffer read in trim_whitespace() in libutil/passwd.c
If a string is empty or contains only white characters, the algorithm of removal of white characters at the end of the passed string will read buffer at index -1 and keep iterating backward.
Detected with MKSANITIZER/ASan when executing passwd(1).
|
1.52 |
| 25-Jun-2012 |
abs | branches: 1.52.24; 1.52.30; Update old-style definitions to ANSI, remove a couple of register definitions along the way. Fixed gcc 4.1 build (thank you vax)
|
1.51 |
| 24-Apr-2011 |
christos | branches: 1.51.4; fix freudian slip
|
1.50 |
| 18-Aug-2010 |
christos | Log why pwd_mkdb failed. Currently on aslr systems, pwd_mkdb either aborts or when s/vfork/fork/ dies with SEGV accessing the stack. The same abort effect can be achieved when we remove all resource limits.
|
1.49 |
| 18-Aug-2010 |
christos | Log via syslog(3) when we run pwd_mkdb(8).
|
1.48 |
| 18-Jan-2009 |
lukem | fix -Wsign-compare issues
|
1.47 |
| 11-Jan-2009 |
christos | merge christos-time_t
|
1.46 |
| 21-Dec-2008 |
christos | branches: 1.46.2; PR/18150: John F. Woods: Print meaningful error messages on inconsistent/corrupt entries.
|
1.45 |
| 20-Dec-2006 |
christos | From Anon Ymous:
- add __unused
- remove __GNUC__ hack
|
1.44 |
| 15-Oct-2006 |
christos | add volatile to prevent gcc clobbering.
|
1.43 |
| 20-Mar-2006 |
elad | plug leaks, coverity cids 1618, 1619.
|
1.42 |
| 14-Sep-2005 |
christos | Use the re-entrant getgr*_r functions. From John Nemeth.
|
1.41 |
| 19-Aug-2005 |
elad | Make this compile without warnings.
|
1.40 |
| 18-Aug-2005 |
elad | Make pw_getconf(3) set errno so we have indication on what went wrong. Document possible errno values in the manpage.
|
1.39 |
| 15-Jan-2005 |
christos | PR/28792: FUKAUMI Naoki: passwd: Couldn't generate salt: Invalid argument
I broke the case where /etc/passwd.conf was empty.
|
1.38 |
| 12-Jan-2005 |
christos | add pw_getpwconf(), bump.
|
1.37 |
| 11-Dec-2004 |
christos | WARNS=3; fix cast-qual issues.
|
1.36 |
| 03-Aug-2004 |
thorpej | - Rename pw_copy() to pw_copyx(), make it return a success/failure code, and add "errbuf" and "errbufsz" parameters so that errors can be handled gracefully, rather than simply exiting the process.
- Add a pw_copy() wrapper around pw_copyx() to preserve old behavior for apps that use it.
- Bump shlib version to 7.4.
|
1.35 |
| 07-Aug-2003 |
agc | Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22280, verified by myself.
|
1.34 |
| 17-Apr-2002 |
ad | Back out previous - it will come as a surprise to many users.
|
1.33 |
| 15-Apr-2002 |
perry | Per discussion on tech-security and tech-userlevel, upgrade default passwd type to md5. Note that with the passwd.conf facility, one may easily "downgrade" the default to type old if one wishes, and that existing passwds continue to work as before -- this only changes the default for new passwds.
|
1.32 |
| 05-Nov-2001 |
lukem | WARNS=2 fix
|
1.31 |
| 23-Oct-2001 |
lukem | - add _PATH_USERMGMT_CONF. resolves [bin/14305]
- add _PATH_PASSWD_CONF to be consistent with almost all other _PATH_xxx_CONF defines, and change from using _PATH_PASSWDCONF to the former. keep the latter for compatibility, although arguably it could be removed because it was never in a release and was only used in one file in the tree.
|
1.30 |
| 18-Aug-2001 |
ad | Add two arguments to pw_mkdb(), a la OpenBSD. This is to allow us to pass the -u and -s options to pwd_mkdb.
|
1.29 |
| 03-Jan-2001 |
lukem | sprinkle in _DIAGASSERT() as appropriate
|
1.28 |
| 08-Dec-2000 |
tron | Fix oversight in last commit.
|
1.27 |
| 06-Dec-2000 |
tron | Add two new passwd file update functions:
- The pw_setprefix() function defines the root directory used for passwd file updates. If the prefix is set to /newroot pw_lock() will operate on /newroot/etc/ptmp afterwards. The default prefix is an empty string.
- The pw_getprefix() function returns the root directory which is currently used for passwd file updates.
|
1.26 |
| 04-Oct-2000 |
itojun | honor behavior of warn(NULL).
|
1.25 |
| 03-Oct-2000 |
sommerfeld | Close possible format string attack.
|
1.24 |
| 11-Jul-2000 |
itohy | Correct ctype(3) usage. Passing "char" value is wrong. Use "unsigned char" instead.
|
1.23 |
| 07-Jul-2000 |
ad | Fix typo. This probably would have stopped passwd(1) working if /etc/passwd.conf didn't exist.
|
1.22 |
| 06-Jul-2000 |
ad | Oops - declare static functions.
|
1.21 |
| 06-Jul-2000 |
ad | Use ':' as group prefix; suggested by hubertf.
|
1.20 |
| 06-Jul-2000 |
ad | - Add pw_getconf(). This is used to read configuration information from passwd.conf. From OpenBSD.
- ANSIfy.
|
1.19 |
| 03-Dec-1999 |
mjl | branches: 1.19.4; Use /bin/sh to take care of the EDITOR command parsing instead of home grown method. Fixes PR/8935 by myself. Fix is from OpenBSD. Also pull in a couple of minor changes like checking the return value of vfork().
|
1.18 |
| 20-Sep-1999 |
lukem | branches: 1.18.4; back out the #ifdef _DIAGNOSTIC argument checks; too many people complained. _DIAGASSERT() is still retained.
|
1.17 |
| 17-Sep-1999 |
lukem | remove diagnostic check for name==NULL; it's ok to call pw_error() in this case
|
1.16 |
| 16-Sep-1999 |
lukem | * use _DIAGASSERT() to check pointer arguments against NULL and file descriptors against -1 (as appropriate).
* add actual checks to detect stuff that would trigger _DIAGASSERT(), and attempt to return a sane error condition.
* knf some code
* remove some `register' decls.
the first two items result in the addition of code similar to the following in various functions:
        _DIAGASSERT(path != NULL)
#ifdef _DIAGNOSTIC
        if (path == NULL) {
                errno = EFAULT;
                return (-1);
        }
#endif
|
1.15 |
| 09-Dec-1998 |
christos | branches: 1.15.2; Delint
|
1.14 |
| 26-Sep-1998 |
christos | Preserve the correct errno so that programs know the reason we failed.
|
1.13 |
| 19-Aug-1998 |
thorpej | Add some braces to make egcs happy.
|
1.12 |
| 08-Jun-1998 |
lukem | move pw_scan() out of here (into libc)
document _PASSWORD_NOWARN and _PASSWORD_OLDFMT inflags to pw_scan()
|
1.11 |
| 31-Dec-1997 |
thorpej | Change an exit() to _exit(), so that it's safe for vfork().
|
1.10 |
| 24-Jul-1997 |
phil | Change pw_copy to take an optional 4th parameter (old_pw), a pointer to a passwd structure. If a good pointer, make sure old entry in file is identical to passed passwd (old_pw). If not, abort.
Update documentation, bump major version due to change to pw_copy.
|
1.9 |
| 06-Jul-1997 |
christos | PR/3832: Enami Tsugutomo: passwd.c will not compile on NetBSD/alpha
|
1.8 |
| 29-Jun-1997 |
christos | - RCSID police
- Add ttymsg.3
|
1.7 |
| 20-Jun-1997 |
mikel | add parens for gcc -Wall
|
1.6 |
| 22-May-1997 |
lukem | in pw_scan(), parse [gu]id with strtoul() instead of atoi(), and sanity check a) the parsed value was just a number, b) it doesn't exceed [GU]ID_MAX
|
1.5 |
| 09-May-1997 |
mycroft | Pull in err.h for prototypes.
|
1.4 |
| 23-Apr-1997 |
mycroft | Allow the full range of UIDs and GIDs.
|
1.3 |
| 09-Dec-1996 |
thorpej | Deal with complex EDITOR strings (e.g. `pico -t'). Fixes PR #2520.
|
1.2 |
| 02-Jun-1996 |
ghudson | Don't delete the lock file if pwd_mkdb fails. The caller will take care of it by calling pw_abort() or pw_error() as appropriate.
|
1.1 |
| 15-May-1996 |
jtc | branches: 1.1.4; Minor reorganization of libutil, including the addition of password locking and editing functions. From Greg Hudson <ghudson@MIT.EDU>
|
1.1.4.1 |
| 02-Jun-1996 |
ghudson | Bring in bugfix from mainline.
|
1.15.2.2 |
| 04-Oct-2000 |
he | Pull up revision 1.25 (requested by sommerfeld): Close possible format-string hole.
|
1.15.2.1 |
| 04-Dec-1999 |
he | Pull up revision 1.19 (requested by mjl): Correct handling of more complex EDITOR environment variable settings by using /bin/sh. Fixes PR#8935.
|
1.18.4.1 |
| 27-Dec-1999 |
wrstuden | Pull up to last week's -current.
|
1.19.4.3 |
| 26-Feb-2002 |
he | Pull up revisions 1.20-1.23 (requested by jonathan): Add support for local MD5-encrypted passwords.
|
1.19.4.2 |
| 17-Oct-2000 |
tv | Pullup 1.26 [itojun]: honor behavior of warn(NULL). [This fixes a bug in the format string changes.]
|
1.19.4.1 |
| 03-Oct-2000 |
sommerfeld | Pull up 1.25: fix possible format string vulnerability. approved by thorpej
|
1.46.2.2 |
| 28-Dec-2008 |
christos | compat code for libutil.
|
1.46.2.1 |
| 21-Dec-2008 |
christos | file passwd.c was added on branch christos-time_t on 2008-12-28 01:14:32 +0000
|
1.51.4.1 |
| 30-Oct-2012 |
yamt | sync with head
|
1.52.30.1 |
| 25-Jun-2018 |
pgoyette | Sync with HEAD
|
1.52.24.1 |
| 24-Jun-2018 |
martin | Pull up following revision(s) (requested by kamil in ticket #899):
lib/libutil/passwd.c: revision 1.53
Prevent underflow buffer read in trim_whitespace() in libutil/passwd.c
If a string is empty or contains only white characters, the algorithm of removal of white characters at the end of the passed string will read buffer at index -1 and keep iterating backward.
Detected with MKSANITIZER/ASan when executing passwd(1).
|