openpam_readword.c revision 1.1.1.4
1 /* $NetBSD: openpam_readword.c,v 1.1.1.4 2025/09/03 15:55:57 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2012-2017 Dag-Erling Smrgrav 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. The name of the author may not be used to endorse or promote 16 * products derived from this software without specific prior written 17 * permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #ifdef HAVE_CONFIG_H 33 # include "config.h" 34 #endif 35 36 #include <sys/cdefs.h> 37 __RCSID("$NetBSD: openpam_readword.c,v 1.1.1.4 2025/09/03 15:55:57 christos Exp $"); 38 39 #include <errno.h> 40 #include <stdio.h> 41 #include <stdlib.h> 42 43 #include <security/pam_appl.h> 44 45 #include "openpam_impl.h" 46 #include "openpam_ctype.h" 47 48 #define MIN_WORD_SIZE 32 49 50 /* 51 * OpenPAM extension 52 * 53 * Read a word from a file, respecting shell quoting rules. 54 */ 55 56 char * 57 openpam_readword(FILE *f, int *lineno, size_t *lenp) 58 { 59 char *word; 60 size_t size, len; 61 int ch, escape, quote; 62 int serrno; 63 64 errno = 0; 65 66 /* skip initial whitespace */ 67 escape = quote = 0; 68 while ((ch = getc(f)) != EOF) { 69 if (ch == '\n') { 70 /* either EOL or line continuation */ 71 if (!escape) 72 break; 73 if (lineno != NULL) 74 ++*lineno; 75 escape = 0; 76 } else if (escape) { 77 /* escaped something else */ 78 break; 79 } else if (ch == '#') { 80 /* comment: until EOL, no continuation */ 81 while ((ch = getc(f)) != EOF) 82 if (ch == '\n') 83 break; 84 break; 85 } else if (ch == '\\') { 86 escape = 1; 87 } else if (!is_ws(ch)) { 88 break; 89 } 90 } 91 if (ch == EOF) 92 return (NULL); 93 ungetc(ch, f); 94 if (ch == '\n') 95 return (NULL); 96 97 word = NULL; 98 size = len = 0; 99 while ((ch = fgetc(f)) != EOF && (!is_ws(ch) || quote || escape)) { 100 if (ch == '\\' && !escape && quote != '\'') { 101 /* escape next character */ 102 escape = ch; 103 } else if ((ch == '\'' || ch == '"') && !quote && !escape) { 104 /* begin quote */ 105 quote = ch; 106 /* edge case: empty quoted string */ 107 if (openpam_straddch(&word, &size, &len, 0) != 0) 108 return (NULL); 109 } else if (ch == quote && !escape) { 110 /* end quote */ 111 quote = 0; 112 } else if (ch == '\n' && escape) { 113 /* line continuation */ 114 escape = 0; 115 } else { 116 if (escape && quote && ch != '\\' && ch != quote && 117 openpam_straddch(&word, &size, &len, '\\') != 0) { 118 free(word); 119 errno = ENOMEM; 120 return (NULL); 121 } 122 if (openpam_straddch(&word, &size, &len, ch) != 0) { 123 free(word); 124 errno = ENOMEM; 125 return (NULL); 126 } 127 escape = 0; 128 } 129 if (lineno != NULL && ch == '\n') 130 ++*lineno; 131 } 132 if (ch == EOF && ferror(f)) { 133 serrno = errno; 134 free(word); 135 errno = serrno; 136 return (NULL); 137 } 138 if (ch == EOF && (escape || quote)) { 139 /* Missing escaped character or closing quote. */ 140 free(word); 141 errno = EINVAL; 142 return (NULL); 143 } 144 ungetc(ch, f); 145 if (lenp != NULL) 146 *lenp = len; 147 return (word); 148 } 149 150 /** 151 * The =openpam_readword function reads the next word from a file, and 152 * returns it in a NUL-terminated buffer allocated with =!malloc. 153 * 154 * A word is a sequence of non-whitespace characters. 155 * However, whitespace characters can be included in a word if quoted or 156 * escaped according to the following rules: 157 * 158 * - An unescaped single or double quote introduces a quoted string, 159 * which ends when the same quote character is encountered a second 160 * time. 161 * The quotes themselves are stripped. 162 * 163 * - Within a single- or double-quoted string, all whitespace characters, 164 * including the newline character, are preserved as-is. 165 * 166 * - Outside a quoted string, a backslash escapes the next character, 167 * which is preserved as-is, unless that character is a newline, in 168 * which case it is discarded and reading continues at the beginning of 169 * the next line as if the backslash and newline had not been there. 170 * In all cases, the backslash itself is discarded. 171 * 172 * - Within a single-quoted string, double quotes and backslashes are 173 * preserved as-is. 174 * 175 * - Within a double-quoted string, a single quote is preserved as-is, 176 * and a backslash is preserved as-is unless used to escape a double 177 * quote. 178 * 179 * In addition, if the first non-whitespace character on the line is a 180 * hash character (#), the rest of the line is discarded. 181 * If a hash character occurs within a word, however, it is preserved 182 * as-is. 183 * A backslash at the end of a comment does cause line continuation. 184 * 185 * If =lineno is not =NULL, the integer variable it points to is 186 * incremented every time a quoted or escaped newline character is read. 187 * 188 * If =lenp is not =NULL, the length of the word (after quotes and 189 * backslashes have been removed) is stored in the variable it points to. 190 * 191 * RETURN VALUES 192 * 193 * If successful, the =openpam_readword function returns a pointer to a 194 * dynamically allocated NUL-terminated string containing the first word 195 * encountered on the line. 196 * 197 * The caller is responsible for releasing the returned buffer by passing 198 * it to =!free. 199 * 200 * If =openpam_readword reaches the end of the line or file before any 201 * characters are copied to the word, it returns =NULL. In the former 202 * case, the newline is pushed back to the file. 203 * 204 * If =openpam_readword reaches the end of the file while a quote or 205 * backslash escape is in effect, it sets :errno to =EINVAL and returns 206 * =NULL. 207 * 208 * IMPLEMENTATION NOTES 209 * 210 * The parsing rules are intended to be equivalent to the normal POSIX 211 * shell quoting rules. 212 * Any discrepancy is a bug and should be reported to the author along 213 * with sample input that can be used to reproduce the error. 214 * 215 * >openpam_readline 216 * >openpam_readlinev 217 * 218 * AUTHOR DES 219 */ 220
Indexes created Sun Apr 12 00:22:20 UTC 2026