From bkoenig@cs.tu-berlin.de  Thu Dec  8 19:27:32 2005
Return-Path: <bkoenig@cs.tu-berlin.de>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3C11B16A422
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  8 Dec 2005 19:27:32 +0000 (GMT)
	(envelope-from bkoenig@cs.tu-berlin.de)
Received: from efacilitas.de (smtp.efacilitas.de [85.10.196.108])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 900E343D86
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  8 Dec 2005 19:26:26 +0000 (GMT)
	(envelope-from bkoenig@cs.tu-berlin.de)
Received: from eurystheus.local (port-212-202-39-231.dynamic.qsc.de [212.202.39.231])
	by efacilitas.de (Postfix) with ESMTP id 22AA04C9E4
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  8 Dec 2005 20:34:36 +0100 (CET)
Received: from hoppel.local (eurystheus.local [192.168.1.67])
	by eurystheus.local (Postfix) with SMTP id A9CDF508B5
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  8 Dec 2005 20:25:06 +0100 (CET)
Received: by hoppel.local (sSMTP sendmail emulation); Thu,  8 Dec 2005 20:25:06 +0100
Message-Id: <20051208192506.A9CDF508B5@eurystheus.local>
Date: Thu,  8 Dec 2005 20:25:06 +0100
From: "Björn König" <bkoenig@cs.tu-berlin.de>
Reply-To: Björn König <bkoenig@cs.tu-berlin.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: pw takes strings after option -g for GID 0
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         90114
>Category:       bin
>Synopsis:       [patch] pw(8) takes strings after option -g for GID 0
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 08 19:30:02 GMT 2005
>Closed-Date:    
>Last-Modified:  Thu Dec 08 20:19:15 GMT 2005
>Originator:     Björn König
>Release:        FreeBSD 6.0-RELEASE i386
>Organization:
>Environment:
>Description:
	pw assumes the group with the ID 0 if you specify a string mistakenly
	instead of a number in conjunction with option -g. This might be
	problematic because it is possible that you delete the group 'wheel'
	accidentally and silently.
	
	This issue has been discovered by Mars G. Miro (marsgmiro at gmail.com) 
>How-To-Repeat:
	Back up your /etc/group. ;)
	
	# pw groupshow -g wheel
	wheel:*:0:root
	
	# pw groupdel -g somestring
	
	# pw groupshow -g wheel
	pw: unknown group `wheel'
>Fix:
	The patch below checks the error value returned by atoi and
	aborts the current action if the user supplied an invalid GID.
	
	Note that pw still accepts erroneous values in certain cases,
	e.g. -g 0somestring.
	
--- pw-2005120801.diff begins here ---
--- src/usr.sbin/pw/pw_group.c.orig	Sun Jan 11 19:28:08 2004
+++ src/usr.sbin/pw/pw_group.c	Thu Dec  8 19:46:26 2005
@@ -93,8 +93,15 @@
 			a_name = NULL;
 		}
 	}
-	grp = (a_name != NULL) ? GETGRNAM(a_name->val) : GETGRGID((gid_t) atoi(a_gid->val));
 
+	if (a_name != NULL)
+		grp = GETGRNAM(a_name->val);
+	else {
+		grp = GETGRGID((gid_t) atoi(a_gid->val));
+		if (errno == EINVAL)
+			errx(EX_DATAERR, "invalid group id `%s'", a_gid->val);
+	}
+	
 	if (mode == M_UPDATE || mode == M_DELETE || mode == M_PRINT) {
 		if (a_name == NULL && grp == NULL)	/* Try harder */
 			grp = GETGRGID(atoi(a_gid->val));
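Review bot: The `errno == EINVAL` test that follows `grp = GETGRGID((gid_t) atoi(a_gid->val));` is not a reliable validity check. errno is not cleared before the call, it is only read after GETGRGID has run in between, and atoi is not required to set errno for non-numeric input, so a stale value can reject a valid GID and a bad string can still be taken as 0. Parse a_gid->val once with strtol or strtoul, with errno set to 0 first, and reject the argument when the first character is not a digit, when the end pointer does not sit on the terminating NUL, or on ERANGE; that also closes the `-g 0somestring` case the submitter mentions. The unchanged "Try harder" line `grp = GETGRGID(atoi(a_gid->val));` should reuse that parsed value instead of calling atoi a second time.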
--- pw-2005120801.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:
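
Added example, not part of the original report or of the pw(8) source: a strict GID parser that rejects the inputs atoi silently maps to 0, including the `0somestring` case the report notes is still accepted. The helper name `parse_gid` and the sample inputs are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

/*
 * parse_gid() is a hypothetical helper, not a function from pw(8).
 * Returns 0 and stores the GID on success, -1 if the string is not
 * a plain non-negative decimal number that fits in gid_t.
 */
static int
parse_gid(const char *s, gid_t *out)
{
	char *end;
	unsigned long v;

	/* strtoul() skips whitespace and accepts a sign; insist on a digit. */
	if (s == NULL || *s < '0' || *s > '9')
		return (-1);
	errno = 0;			/* a stale errno must not be misread */
	v = strtoul(s, &end, 10);
	if (errno == ERANGE)		/* overflowed unsigned long */
		return (-1);
	if (*end != '\0')		/* trailing junk, e.g. "0somestring" */
		return (-1);
	if ((unsigned long)(gid_t)v != v)	/* does not fit in gid_t */
		return (-1);
	*out = (gid_t)v;
	return (0);
}

int
main(void)
{
	/* Constructed sample inputs, including the two from the report. */
	const char *samples[] = { "0", "1001", "somestring", "0somestring", "", "-1" };
	size_t i;
	gid_t gid;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		if (parse_gid(samples[i], &gid) == 0)
			printf("'%s' -> gid %lu\n", samples[i], (unsigned long)gid);
		else
			printf("'%s' -> rejected (atoi gives %d)\n", samples[i], atoi(samples[i]));
	}
	return (0);
}
```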
