| Summary: | edquota misinterprets usernames as uid ranges | ||
|---|---|---|---|
| Product: | Base System | Reporter: | forrestc <forrestc> |
| Component: | misc | Assignee: | freebsd-bugs (Nobody) <bugs> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | 3.4-STABLE | ||
| Hardware: | Any | ||
| OS: | Any | ||
---------- Forwarded message ----------
Date: Thu, 23 Dec 1999 22:05:40 -0700 (MST)
From: Forrest W. Christian <forrestc@iMach.com>
To: gnats-admin@FreeBSD.org, freebsd-bugs@FreeBSD.org
Subject: Re: misc/15658: Fix to edquota.c

In addition to the patch, something like the following should probably be
added to the "BUGS" section of the man page:

BUGS
When a prototype user is specified using the -p option, if you
specify a username containing only digits and a single hyphen,
edquota will assume this is a uid range. A workaround is to
provide the uid of the user instead of the username.

Hi, could you try the following patch to edquota instead? It looks
as if this will also fix a bug where the code forgets to increment
argv in the -p case.
Ian
Index: edquota.c
===================================================================
RCS file: /dump/FreeBSD-CVS/src/usr.sbin/edquota/edquota.c,v
retrieving revision 1.13
diff -u -r1.13 edquota.c
--- edquota.c 28 Sep 2001 10:22:36 -0000 1.13
+++ edquota.c 16 Nov 2001 23:39:07 -0000
@@ -149,8 +149,8 @@
qup->dqblk.dqb_btime = 0;
qup->dqblk.dqb_itime = 0;
}
- while (argc-- > 0) {
- if (isdigit(*argv[0]) &&
+ for (; argc-- > 0; argv++) {
+ if (strspn(*argv, "0123456789-") == strlen(*argv) &&
(cp = strchr(*argv, '-')) != NULL) {
*cp++ = '\0';
startuid = atoi(*argv);
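Review bot: The `strspn(*argv, "0123456789-") == strlen(*argv)` test accepts any mix of digits and hyphens, so arguments such as `-5`, `5-` or `1-2-3` still enter the range branch, where `strchr` splits at the first hyphen and `atoi` turns an empty or trailing-garbage half into a number without reporting it. Consider requiring digits on both sides of exactly one hyphen, for example by parsing each half with `strtol` and checking the end pointer, so malformed ranges are rejected rather than silently read as 0.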
@@ -168,7 +168,7 @@
}
continue;
}
- if ((id = getentry(*argv++, quotatype)) < 0)
+ if ((id = getentry(*argv, quotatype)) < 0)
continue;
putprivs(id, quotatype, protoprivs);
}
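Review bot: The `*argv++` to `*argv` change at the `getentry` call is only correct together with the `argv++` moved into the `for` header in the previous hunk, and it fixes a second, separate bug that the commit log should name: with the old `while (argc-- > 0)` loop, the `continue` shown in the context lines above returned to the loop test without advancing `argv`. A short comment at the loop header stating that every path, including both `continue` statements, relies on the header to advance `argv` would keep a later edit from reintroducing the increment inside the body.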
State Changed
From-To: open->feedback

Waiting for feedback on proposed patch.

State Changed
From-To: feedback->closed

Fixed in revision 1.17 of edquota.c.

The current version of edquota accepts parameters in the form of either a username or a range of userids. In order to determine if a parameter is a range of uids, it looks to see if the first digit of the parameter is a number, and if the parameter contains a dash. Thus, usernames such as 2-xhibit are treated as a range of uids. The existing code also does no additional error checking and simply performs an atoi on the start of the parameter and on the string starting immediately following the hyphen.

Fix:

Apply the following patch to edquota. This performs additional checks on the parameter before determining that it is, in fact, a uid range.

---START OF PATCH---TRIM HERE---
149,153c149,152 < if (isdigit(*argv[0]) && < (cp = strchr(*argv, '-')) != NULL) { < *cp++ = '\0'; < startuid = atoi(*argv); < enduid = atoi(cp); --- > if ((startuid=(int)(strtol(argv[0],&cp,10))) && > (*(cp++)=='-') && > (enduid=(int)(strtol(cp,&cp,10))) && > (*(cp++)==0) ) {
---END OF PATCH---TRIM HERE---

How-To-Repeat:

This problem only occurs when using a prototype user. To exercise the chunk of code with the problem, you can run the following command line:

edquota -p root 2-xhibit

This results in the result:

edquota: ending uid (0) must be >= starting uid (2) when using uid ranges
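Review bot: In the `149,153c149,152` patch between the START/END markers above, the new condition uses the parsed numbers themselves as truth values: `(startuid=(int)(strtol(argv[0],&cp,10))) &&` is false when the start uid is 0, so a range such as `0-100` fails the test and is handled as a user name, and the same applies to an end uid of 0. Test whether digits were consumed instead (compare `cp` with the start of the string after each `strtol`), and note that `strtol` also accepts a leading sign and whitespace, which this condition lets through.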
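The misclassification described in this report, as an added example (not code from edquota or from either patch on this page): `old_is_range` mirrors the first-character-plus-hyphen test, and the hypothetical helper `parse_uid_range` accepts only digits, one hyphen, digits. The argument list in `main` is constructed; a name made up entirely of digits and one hyphen, such as `12-34`, still parses as a range, which is the case the proposed BUGS text covers.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The pre-fix test described in the report: leading digit plus any '-'. */
int old_is_range(const char *arg)
{
    return isdigit((unsigned char)arg[0]) && strchr(arg, '-') != NULL;
}

/* Parse one run of decimal digits; reject empty input, signs, overflow. */
static int parse_uid(const char *s, const char **end, long *out)
{
    char *e;

    if (!isdigit((unsigned char)*s))    /* strtol alone would allow " +5" */
        return 0;
    errno = 0;
    *out = strtol(s, &e, 10);
    if (errno == ERANGE || *out > INT_MAX)
        return 0;
    *end = e;
    return 1;
}

/*
 * Hypothetical strict parser: 1 only for DIGITS '-' DIGITS with nothing
 * left over, so a uid of 0 is valid. Ordering of the bounds is left to
 * the caller; on 0 the caller falls back to a user name lookup.
 */
int parse_uid_range(const char *arg, long *start, long *end)
{
    const char *p;

    if (!parse_uid(arg, &p, start) || *p != '-')
        return 0;
    return parse_uid(p + 1, &p, end) && *p == '\0';
}

int main(void)
{
    /* Constructed sample arguments, including the one from the report. */
    const char *args[] = { "2-xhibit", "1000-2000", "0-100", "12-34", "-5", "1-2-3" };
    long s, e;
    for (size_t i = 0; i < sizeof args / sizeof *args; i++)
        printf("%-10s old=%d strict=%d\n", args[i], old_is_range(args[i]),
               parse_uid_range(args[i], &s, &e));
    return 0;
}
```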