diff options
Diffstat (limited to 'libmisc/chkname.c')
-rw-r--r-- | libmisc/chkname.c | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/libmisc/chkname.c b/libmisc/chkname.c new file mode 100644 index 0000000..e31ee8c --- /dev/null +++ b/libmisc/chkname.c @@ -0,0 +1,101 @@ +/* + * SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh + * SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz + * SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko + * SPDX-FileCopyrightText: 2005 - 2008, Nicolas François + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/* + * is_valid_user_name(), is_valid_group_name() - check the new user/group + * name for validity; + * return values: + * true - OK + * false - bad name + */ + +#include <config.h> + +#ident "$Id$" + +#include <ctype.h> +#include "defines.h" +#include "chkname.h" + +int allow_bad_names = false; + +static bool is_valid_name (const char *name) +{ + if (allow_bad_names) { + return true; + } + + /* + * User/group names must match gnu e-regex: + * [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]? + * + * as a non-POSIX, extension, allow "$" as the last char for + * sake of Samba 3.x "add machine script" + * + * Also do not allow fully numeric names or just "." or "..". + */ + int numeric; + + if ('\0' == *name || + ('.' == *name && (('.' == name[1] && '\0' == name[2]) || + '\0' == name[1])) || + !((*name >= 'a' && *name <= 'z') || + (*name >= 'A' && *name <= 'Z') || + (*name >= '0' && *name <= '9') || + *name == '_' || + *name == '.')) { + return false; + } + + numeric = isdigit(*name); + + while ('\0' != *++name) { + if (!((*name >= 'a' && *name <= 'z') || + (*name >= 'A' && *name <= 'Z') || + (*name >= '0' && *name <= '9') || + *name == '_' || + *name == '.' || + *name == '-' || + (*name == '$' && name[1] == '\0') + )) { + return false; + } + numeric &= isdigit(*name); + } + + return !numeric; +} + +bool is_valid_user_name (const char *name) +{ + /* + * User names are limited by whatever utmp can + * handle. + */ + if (strlen (name) > USER_NAME_MAX_LENGTH) { + return false; + } + + return is_valid_name (name); +} + +bool is_valid_group_name (const char *name) +{ + /* + * Arbitrary limit for group names. + * HP-UX 10 limits to 16 characters + */ + if ( (GROUP_NAME_MAX_LENGTH > 0) + && (strlen (name) > GROUP_NAME_MAX_LENGTH)) { + return false; + } + + return is_valid_name (name); +} + |