diff options
author | Conrad Scott <conrad.scott@dsl.pipex.com> | 2002-06-30 17:28:09 +0400 |
---|---|---|
committer | Conrad Scott <conrad.scott@dsl.pipex.com> | 2002-06-30 17:28:09 +0400 |
commit | b49bc220eb4b10a8c5348f3b2e29fdc62eed5415 (patch) | |
tree | 57449aefee7804df9ca1a3181275f76a9929b708 | |
parent | 59a80f888101159165ef4da0e3d40e6734dc8361 (diff) |
Merged changes from HEAD
-rw-r--r-- | winsup/cygwin/ChangeLog | 21 | ||||
-rw-r--r-- | winsup/cygwin/autoload.cc | 2 | ||||
-rw-r--r-- | winsup/cygwin/cygheap.h | 9 | ||||
-rw-r--r-- | winsup/cygwin/security.cc | 65 | ||||
-rw-r--r-- | winsup/cygwin/uinfo.cc | 11 |
5 files changed, 59 insertions, 49 deletions
diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index a7c460c68..a5156f73f 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,24 @@ +2002-06-29 Pierre Humblet <pierre.humblet@ieee.org> + + * security.cc (extract_nt_dom_user): Check for all buffer overflows. + Call LookupAccountSid after trying to get domain & user from passwd. + (get_group_sidlist): Obtain the domain and user by calling + extract_nt_dom_user instead of LookupAccountSid. + +2002-06-29 Christopher Faylor <cgf@redhat.com> + + * uinfo.cc (cygheap_user::test_uid): Use standard issetuid test. + +2002-06-29 Christopher Faylor <cgf@redhat.com> + + * autoload.cc (NetGetDCName): Change to make this an optional load + function. + * cygheap.h (cygheap_user::logsrv): Return NULL when operation fails. + (cygheap_user::winname): Ditto. + (cygheap_user::domain): Ditto. + * uinfo.cc (cygheap_user::env_logsrv): Save results in temp variable. + (cygheap_user::env_userprofile): Ditto. + 2002-06-29 Christopher Faylor <cgf@redhat.com> * environ.cc (spenv::retrieve): Detect return of env_dontadd from diff --git a/winsup/cygwin/autoload.cc b/winsup/cygwin/autoload.cc index d910b43ed..d37b19975 100644 --- a/winsup/cygwin/autoload.cc +++ b/winsup/cygwin/autoload.cc @@ -371,7 +371,7 @@ LoadDLLfunc (SetSecurityDescriptorOwner, 12, advapi32) LoadDLLfunc (SetTokenInformation, 16, advapi32) LoadDLLfunc (NetApiBufferFree, 4, netapi32) -LoadDLLfunc (NetGetDCName, 12, netapi32) +LoadDLLfuncEx (NetGetDCName, 12, netapi32, 1) LoadDLLfunc (NetLocalGroupEnum, 28, netapi32) LoadDLLfunc (NetLocalGroupGetMembers, 32, netapi32) LoadDLLfunc (NetUserGetGroups, 28, netapi32) diff --git a/winsup/cygwin/cygheap.h b/winsup/cygwin/cygheap.h index 63585d91a..d2e06bfef 100644 --- a/winsup/cygwin/cygheap.h +++ b/winsup/cygwin/cygheap.h @@ -144,15 +144,18 @@ public: const char *logsrv () { - return env_logsrv ("LOGONSERVER=", sizeof ("LOGONSERVER=") - 1); + const char *p = env_logsrv ("LOGONSERVER=", sizeof ("LOGONSERVER=") - 1); + return (p == almost_null) ? NULL : p; } const char *winname () { - return env_name ("USERNAME=", sizeof ("USERNAME=") - 1); + const char *p = env_name ("USERNAME=", sizeof ("USERNAME=") - 1); + return (p == almost_null) ? NULL : p; } const char *domain () { - return env_domain ("USERDOMAIN=", sizeof ("USERDOMAIN=") - 1); + const char *p = env_domain ("USERDOMAIN=", sizeof ("USERDOMAIN=") - 1); + return (p == almost_null) ? NULL : p; } BOOL set_sid (PSID new_sid); BOOL set_orig_sid (); diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 74c4a173b..b587af20a 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -60,43 +60,34 @@ cygwin_set_impersonation_token (const HANDLE hToken) void extract_nt_dom_user (const struct passwd *pw, char *domain, char *user) { - cygsid psid; - DWORD ulen = UNLEN + 1; - DWORD dlen = INTERNET_MAX_HOST_NAME_LENGTH + 1; - SID_NAME_USE use; - char buf[INTERNET_MAX_HOST_NAME_LENGTH + UNLEN + 2]; - char *c; + char *d, *u, *c; - strcpy (domain, ""); - strcpy (buf, pw->pw_name); + domain[0] = 0; + strlcpy (user, pw->pw_name, UNLEN+1); debug_printf ("pw_gecos = %x (%s)", pw->pw_gecos, pw->pw_gecos); - if (psid.getfrompw (pw) && - LookupAccountSid (NULL, psid, user, &ulen, domain, &dlen, &use)) - return; - - if (pw->pw_gecos) - { - if ((c = strstr (pw->pw_gecos, "U-")) != NULL && - (c == pw->pw_gecos || c[-1] == ',')) - { - buf[0] = '\0'; - strncat (buf, c + 2, INTERNET_MAX_HOST_NAME_LENGTH + UNLEN + 1); - if ((c = strchr (buf, ',')) != NULL) - *c = '\0'; - } - } - if ((c = strchr (buf, '\\')) != NULL) - { - *c++ = '\0'; - strcpy (domain, buf); - strcpy (user, c); - } - else + if ((d = strstr (pw->pw_gecos, "U-")) != NULL && + (d == pw->pw_gecos || d[-1] == ',')) { - strcpy (domain, ""); - strcpy (user, buf); + c = strchr (d + 2, ','); + if ((u = strchr (d + 2, '\\')) == NULL || (c != NULL && u > c)) + u = d + 1; + else if (u - d <= INTERNET_MAX_HOST_NAME_LENGTH + 2) + strlcpy(domain, d + 2, u - d - 1); + if (c == NULL) + c = u + UNLEN + 1; + if (c - u <= UNLEN + 1) + strlcpy(user, u + 1, c - u); } + if (domain[0]) + return; + + cygsid psid; + DWORD ulen = UNLEN + 1; + DWORD dlen = INTERNET_MAX_HOST_NAME_LENGTH + 1; + SID_NAME_USE use; + if (psid.getfrompw (pw)) + LookupAccountSid (NULL, psid, user, &ulen, domain, &dlen, &use); } extern "C" HANDLE @@ -490,18 +481,9 @@ get_group_sidlist (cygsidlist &grp_list, char domain[INTERNET_MAX_HOST_NAME_LENGTH + 1]; WCHAR wserver[INTERNET_MAX_HOST_NAME_LENGTH + 3]; char server[INTERNET_MAX_HOST_NAME_LENGTH + 3]; - DWORD ulen = sizeof (user); - DWORD dlen = sizeof (domain); - SID_NAME_USE use; cygsidlist sup_list; auth_pos = -1; - if (!LookupAccountSid (NULL, usersid, user, &ulen, domain, &dlen, &use)) - { - debug_printf ("LookupAccountSid () %E"); - __seterrno (); - return FALSE; - } grp_list += well_known_world_sid; if (usersid == well_known_system_sid) @@ -511,6 +493,7 @@ get_group_sidlist (cygsidlist &grp_list, } else { + extract_nt_dom_user (pw, domain, user); if (!get_logon_server (domain, server, wserver)) return FALSE; if (my_grps) diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index ae500049e..cd39097d5 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -308,7 +308,7 @@ cygheap_user::test_uid (char *&what, const char *name, size_t namelen) { if (what) return what; - if (orig_uid == myself->uid) + if (!issetuid ()) what = getwinenveq (name, namelen, HEAP_STR); return what; } @@ -319,12 +319,14 @@ cygheap_user::env_logsrv (const char *name, size_t namelen) if (test_uid (plogsrv, name, namelen)) return plogsrv; - if (!domain () || strcasematch (winname (), "SYSTEM")) + const char *mydomain = domain (); + const char *myname = winname (); + if (!mydomain || strcasematch (myname, "SYSTEM")) return almost_null; char logsrv[INTERNET_MAX_HOST_NAME_LENGTH + 3]; cfree_and_set (plogsrv, almost_null); - if (get_logon_server (domain (), logsrv, NULL)) + if (get_logon_server (mydomain, logsrv, NULL)) plogsrv = cstrdup (logsrv); return plogsrv; } @@ -363,7 +365,8 @@ cygheap_user::env_userprofile (const char *name, size_t namelen) char userprofile_env_buf[MAX_PATH + 1]; cfree_and_set (puserprof, almost_null); /* FIXME: Should this just be setting a puserprofile like everything else? */ - if (!strcasematch (winname (), "SYSTEM") + const char *myname = winname (); + if (myname && strcasematch (myname, "SYSTEM") && get_registry_hive_path (sid (), userprofile_env_buf)) puserprof = cstrdup (userprofile_env_buf); |