From owner-freebsd-bugs@FreeBSD.ORG Sat Oct 9 22:40:05 2010 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6AC30106564A for ; Sat, 9 Oct 2010 22:40:05 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 395FD8FC1E for ; Sat, 9 Oct 2010 22:40:05 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o99Me4AF072480 for ; Sat, 9 Oct 2010 22:40:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o99Me4k8072479; Sat, 9 Oct 2010 22:40:04 GMT (envelope-from gnats) Date: Sat, 9 Oct 2010 22:40:04 GMT Message-Id: <201010092240.o99Me4k8072479@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Ilya Bakulin Cc: Subject: Re: bin/149972: pw(8): usermod -u should error X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Ilya Bakulin List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Oct 2010 22:40:05 -0000 The following reply was made to PR bin/149972; it has been noted by GNATS. From: Ilya Bakulin To: bug-followup@FreeBSD.org, jschauma@netmeister.org Cc: gavin@FreeBSD.org Subject: Re: bin/149972: pw(8): usermod -u should error Date: Sun, 10 Oct 2010 00:36:27 +0200 --MP_/DYFS_+in8U_jcKIbTLh57db Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Disposition: inline Fixed. Now pw(1) will exit with error if supplied with non-numeric ID. Generated at: EuroBSDCon-2010 hackers lounge by gpf@, kibab@, bcr@ --MP_/DYFS_+in8U_jcKIbTLh57db Content-Type: text/x-patch Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=pw_current.diff Index: pw_user.c =================================================================== --- pw_user.c (revision 213663) +++ pw_user.c (working copy) @@ -468,13 +468,22 @@ edited = 1; } - if ((arg = getarg(args, 'u')) != NULL && isdigit((unsigned char)*arg->val)) { + if ((arg = getarg(args, 'u')) != NULL) { + if(isdigit((unsigned char)*arg->val)) { pwd->pw_uid = (uid_t) atol(arg->val); edited = 1; if (pwd->pw_uid != 0 && strcmp(pwd->pw_name, "root") == 0) errx(EX_DATAERR, "can't change uid of `root' account"); if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0) warnx("WARNING: account `%s' will have a uid of 0 (superuser access!)", pwd->pw_name); + } else { + /* Found something, but not a number */ + /* + * XXX Shouldn't we try to map the passed string to the username? + * man page however says that we're expecting numeric uid... + */ + errx(EX_DATAERR, "Expected numeric user id as an argument to -u\n"); + } } if ((arg = getarg(args, 'g')) != NULL && pwd->pw_uid != 0) { /* Already checked this */ --MP_/DYFS_+in8U_jcKIbTLh57db--