This repository was archived by the owner on Nov 15, 2025. It is now read-only.

Commit f5979b6

committed
user-util: be stricter in parse_uid()
Let's refuse "+" and "-" prefixed UIDs. Let's refuse whitespace-prefixed UIDs. Let's refuse zero-prefixed UIDs. Let's be safe rather than sorry.
1 parent c44702a commit f5979b6


2 files changed

+32
-4
lines changed

2 files changed

+32
-4
lines changed

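--- a/src/basic/user-util.c
+++ b/src/basic/user-util.c
@@ -49,7 +49,15 @@ int parse_uid(const char *s, uid_t *ret) {
 assert(s);
 
 assert_cc(sizeof(uid_t) == sizeof(uint32_t));
-r = safe_atou32_full(s, 10, &uid);
+
+/* We are very strict when parsing UIDs, and prohibit +/- as prefix, leading zero as prefix, and
+* whitespace. We do this, since this call is often used in a context where we parse things as UID
+* first, and if that doesn't work we fall back to NSS. Thus we really want to make sure that UIDs
+* are parsed as UIDs only if they really really look like UIDs. */
+r = safe_atou32_full(s, 10
+| SAFE_ATO_REFUSE_PLUS_MINUS
+| SAFE_ATO_REFUSE_LEADING_ZERO
+| SAFE_ATO_REFUSE_LEADING_WHITESPACE, &uid);
 if (r < 0)
 return r;
 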
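Review bot: The three SAFE_ATO_REFUSE_* flags are OR-ed into the second argument of `safe_atou32_full()`, which the removed line used as a plain base of 10, so the call is only correct if that helper masks the flag bits off before it uses the base; its definition is not on this page, so that should be confirmed. The new comment explains why parsing is strict but not how the result changes for callers: `01234`, which the old test expected to parse as 1234, now yields an error and, per the comment, may then be resolved as a name through NSS. I would add a line to the comment such as `* The flags are OR-ed into the base argument; safe_atou32_full() is expected to split them off again. */` and describe the stricter contract in parse_uid()'s header comment. parse_uid() starts and ends outside this hunk.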

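--- a/src/test/test-user-util.c
+++ b/src/test/test-user-util.c
@@ -54,13 +54,33 @@ static void test_parse_uid(void) {
 assert_se(r == -EINVAL);
 assert_se(uid == 100);
 
+r = parse_uid("+1234", &uid);
+assert_se(r == -EINVAL);
+assert_se(uid == 100);
+
+r = parse_uid("-1234", &uid);
+assert_se(r == -EINVAL);
+assert_se(uid == 100);
+
+r = parse_uid(" 1234", &uid);
+assert_se(r == -EINVAL);
+assert_se(uid == 100);
+
 r = parse_uid("01234", &uid);
-assert_se(r == 0);
-assert_se(uid == 1234);
+assert_se(r == -EINVAL);
+assert_se(uid == 100);
+
+r = parse_uid("-0", &uid);
+assert_se(r == -EINVAL);
+assert_se(uid == 100);
+
+r = parse_uid("+0", &uid);
+assert_se(r == -EINVAL);
+assert_se(uid == 100);
 
 r = parse_uid("asdsdas", &uid);
 assert_se(r == -EINVAL);
-assert_se(uid == 1234);
+assert_se(uid == 100);
 }
 
 static void test_uid_ptr(void) {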
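Review bot: The added cases only check rejections, so nothing visible here pins that a plain `0` is still accepted now that SAFE_ATO_REFUSE_LEADING_ZERO is set in parse_uid(); a regression there would make the root UID unparseable. test_parse_uid() starts above the hunk, so such a case may already exist; if not, add `r = parse_uid("0", &uid);`, `assert_se(r == 0);` and `assert_se(uid == 0);` at the end of the function, after the checks that rely on uid staying 100. The whitespace case also covers only a single leading space; a tab- or newline-prefixed string and a trailing-space string such as `"1234 "` would be worth adding with the same -EINVAL expectation, assuming the helper rejects them.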
