diff options
-rw-r--r-- | src/basic/util.c | 20 | ||||
-rw-r--r-- | src/basic/util.h | 5 | ||||
-rw-r--r-- | src/libsystemd/sd-login/sd-login.c | 5 |
3 files changed, 23 insertions, 7 deletions
diff --git a/src/basic/util.c b/src/basic/util.c index f01f5f237b..beec7cb7dd 100644 --- a/src/basic/util.c +++ b/src/basic/util.c @@ -373,6 +373,19 @@ int parse_pid(const char *s, pid_t* ret_pid) { return 0; } +bool uid_is_valid(uid_t uid) { + + /* Some libc APIs use UID_INVALID as special placeholder */ + if (uid == (uid_t) 0xFFFFFFFF) + return false; + + /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */ + if (uid == (uid_t) 0xFFFF) + return false; + + return true; +} + int parse_uid(const char *s, uid_t* ret_uid) { unsigned long ul = 0; uid_t uid; @@ -389,12 +402,7 @@ int parse_uid(const char *s, uid_t* ret_uid) { if ((unsigned long) uid != ul) return -ERANGE; - /* Some libc APIs use UID_INVALID as special placeholder */ - if (uid == (uid_t) 0xFFFFFFFF) - return -ENXIO; - - /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */ - if (uid == (uid_t) 0xFFFF) + if (!uid_is_valid(uid)) return -ENXIO; if (ret_uid) diff --git a/src/basic/util.h b/src/basic/util.h index ff7a00e928..f8e32360f0 100644 --- a/src/basic/util.h +++ b/src/basic/util.h @@ -154,7 +154,10 @@ int parse_size(const char *t, off_t base, off_t *size); int parse_boolean(const char *v) _pure_; int parse_pid(const char *s, pid_t* ret_pid); int parse_uid(const char *s, uid_t* ret_uid); -#define parse_gid(s, ret_uid) parse_uid(s, ret_uid) +#define parse_gid(s, ret_gid) parse_uid(s, ret_gid) + +bool uid_is_valid(uid_t uid); +#define gid_is_valid(gid) uid_is_valid(gid) int safe_atou(const char *s, unsigned *ret_u); int safe_atoi(const char *s, int *ret_i); diff --git a/src/libsystemd/sd-login/sd-login.c b/src/libsystemd/sd-login/sd-login.c index 7d6a4b78cf..6300162ebe 100644 --- a/src/libsystemd/sd-login/sd-login.c +++ b/src/libsystemd/sd-login/sd-login.c @@ -203,6 +203,7 @@ _public_ int sd_uid_get_state(uid_t uid, char**state) { char *s = NULL; int r; + assert_return(uid_is_valid(uid), -EINVAL); assert_return(state, -EINVAL); r = file_of_uid(uid, &p); @@ -230,6 +231,7 @@ _public_ int sd_uid_get_display(uid_t uid, char **session) { _cleanup_free_ char *p = NULL, *s = NULL; int r; + assert_return(uid_is_valid(uid), -EINVAL); assert_return(session, -EINVAL); r = file_of_uid(uid, &p); @@ -257,6 +259,7 @@ _public_ int sd_uid_is_on_seat(uid_t uid, int require_active, const char *seat) int r; const char *word, *variable, *state; + assert_return(uid_is_valid(uid), -EINVAL); assert_return(seat, -EINVAL); variable = require_active ? "ACTIVE_UID" : "UIDS"; @@ -289,6 +292,8 @@ static int uid_get_array(uid_t uid, const char *variable, char ***array) { char **a; int r; + assert_return(uid_is_valid(uid), -EINVAL); + r = file_of_uid(uid, &p); if (r < 0) return r; |