2006-12-19 00:15:28 +01:00
|
|
|
While uid_t and gid_t are both unsigned, the values (uid_t) -1 and
|
|
|
|
(gid_t) -1 are reserved. A uid or gid argument of -1 to the chown(2)
|
|
|
|
system call means to leave the uid/gid unchanged. Catch this case
|
|
|
|
so that trying to set a uid or gid to -1 will result in an error.
|
|
|
|
|
|
|
|
Test cases:
|
|
|
|
|
|
|
|
chown 4294967295 file
|
|
|
|
chown :4294967295 file
|
|
|
|
chgrp 4294967295 file
|
|
|
|
|
|
|
|
Andreas Gruenbacher <agruen@suse.de>
|
|
|
|
|
2010-05-05 22:22:09 +02:00
|
|
|
Index: lib/userspec.c
|
|
|
|
===================================================================
|
|
|
|
--- lib/userspec.c.orig 2010-05-04 17:27:48.479359439 +0200
|
|
|
|
+++ lib/userspec.c 2010-05-04 17:29:12.439359267 +0200
|
|
|
|
@@ -169,7 +169,7 @@ parse_with_separator (char const *spec,
|
2006-12-19 00:15:28 +01:00
|
|
|
{
|
|
|
|
unsigned long int tmp;
|
|
|
|
if (xstrtoul (u, NULL, 10, &tmp, "") == LONGINT_OK
|
|
|
|
- && tmp <= MAXUID)
|
|
|
|
+ && tmp <= MAXUID && tmp != (uid_t) -1)
|
|
|
|
unum = tmp;
|
|
|
|
else
|
|
|
|
error_msg = E_invalid_user;
|
2010-05-05 22:22:09 +02:00
|
|
|
@@ -200,7 +200,8 @@ parse_with_separator (char const *spec,
|
2006-12-19 00:15:28 +01:00
|
|
|
if (grp == NULL)
|
|
|
|
{
|
|
|
|
unsigned long int tmp;
|
|
|
|
- if (xstrtoul (g, NULL, 10, &tmp, "") == LONGINT_OK && tmp <= MAXGID)
|
|
|
|
+ if (xstrtoul (g, NULL, 10, &tmp, "") == LONGINT_OK && tmp <= MAXGID
|
|
|
|
+ && tmp != (gid_t) -1)
|
|
|
|
gnum = tmp;
|
|
|
|
else
|
|
|
|
error_msg = E_invalid_group;
|
2010-05-05 22:22:09 +02:00
|
|
|
Index: src/chgrp.c
|
|
|
|
===================================================================
|
|
|
|
--- src/chgrp.c.orig 2010-05-04 17:27:48.479359439 +0200
|
|
|
|
+++ src/chgrp.c 2010-05-04 17:29:12.443359269 +0200
|
|
|
|
@@ -89,7 +89,7 @@ parse_group (const char *name)
|
2006-12-19 00:15:28 +01:00
|
|
|
{
|
|
|
|
unsigned long int tmp;
|
|
|
|
if (! (xstrtoul (name, NULL, 10, &tmp, "") == LONGINT_OK
|
|
|
|
- && tmp <= GID_T_MAX))
|
|
|
|
+ && tmp <= GID_T_MAX && tmp != (gid_t) -1))
|
2007-11-30 16:07:11 +01:00
|
|
|
error (EXIT_FAILURE, 0, _("invalid group: %s"), quote (name));
|
2006-12-19 00:15:28 +01:00
|
|
|
gid = tmp;
|
|
|
|
}
|