Guido van Rooij acc879c13f The talkd security hole can ealso be exploited by wall (and thus rwall).
write and talk are not affected.
Now print out escape sequences in the same way as is done by write(1).
1994-10-23 15:33:55 +00:00

207 lines
5.9 KiB
C

/*
* Copyright (c) 1988, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef lint
static char copyright[] =
"@(#) Copyright (c) 1988, 1990, 1993\n\
The Regents of the University of California. All rights reserved.\n";
#endif /* not lint */
#ifndef lint
static char sccsid[] = "@(#)wall.c 8.2 (Berkeley) 11/16/93";
#endif /* not lint */
/*
* This program is not related to David Wall, whose Stanford Ph.D. thesis
* is entitled "Mechanisms for Broadcast and Selective Broadcast".
*/
#include <sys/param.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/uio.h>
#include <paths.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <utmp.h>
void makemsg __P((char *));
#define IGNOREUSER "sleeper"
int nobanner;
int mbufsize;
char *mbuf;
/* ARGSUSED */
int
main(argc, argv)
int argc;
char **argv;
{
extern int optind;
int ch;
struct iovec iov;
struct utmp utmp;
FILE *fp;
char *p, *ttymsg();
char line[sizeof(utmp.ut_line) + 1];
while ((ch = getopt(argc, argv, "n")) != EOF)
switch (ch) {
case 'n':
/* undoc option for shutdown: suppress banner */
if (geteuid() == 0)
nobanner = 1;
break;
case '?':
default:
usage:
(void)fprintf(stderr, "usage: wall [file]\n");
exit(1);
}
argc -= optind;
argv += optind;
if (argc > 1)
goto usage;
makemsg(*argv);
if (!(fp = fopen(_PATH_UTMP, "r"))) {
(void)fprintf(stderr, "wall: cannot read %s.\n", _PATH_UTMP);
exit(1);
}
iov.iov_base = mbuf;
iov.iov_len = mbufsize;
/* NOSTRICT */
while (fread((char *)&utmp, sizeof(utmp), 1, fp) == 1) {
if (!utmp.ut_name[0] ||
!strncmp(utmp.ut_name, IGNOREUSER, sizeof(utmp.ut_name)))
continue;
strncpy(line, utmp.ut_line, sizeof(utmp.ut_line));
line[sizeof(utmp.ut_line)] = '\0';
if ((p = ttymsg(&iov, 1, line, 60*5)) != NULL)
(void)fprintf(stderr, "wall: %s\n", p);
}
exit(0);
}
void
makemsg(fname)
char *fname;
{
register int ch, cnt;
struct tm *lt;
struct passwd *pw;
struct stat sbuf;
time_t now, time();
FILE *fp;
int fd;
char *p, *whom, hostname[MAXHOSTNAMELEN], lbuf[100], tmpname[15];
char *getlogin(), *strcpy(), *ttyname();
(void)strcpy(tmpname, _PATH_TMP);
(void)strcat(tmpname, "/wall.XXXXXX");
if (!(fd = mkstemp(tmpname)) || !(fp = fdopen(fd, "r+"))) {
(void)fprintf(stderr, "wall: can't open temporary file.\n");
exit(1);
}
(void)unlink(tmpname);
if (!nobanner) {
if (!(whom = getlogin()))
whom = (pw = getpwuid(getuid())) ? pw->pw_name : "???";
(void)gethostname(hostname, sizeof(hostname));
(void)time(&now);
lt = localtime(&now);
/*
* all this stuff is to blank out a square for the message;
* we wrap message lines at column 79, not 80, because some
* terminals wrap after 79, some do not, and we can't tell.
* Which means that we may leave a non-blank character
* in column 80, but that can't be helped.
*/
(void)fprintf(fp, "\r%79s\r\n", " ");
(void)sprintf(lbuf, "Broadcast Message from %s@%s",
whom, hostname);
(void)fprintf(fp, "%-79.79s\007\007\r\n", lbuf);
(void)sprintf(lbuf, " (%s) at %d:%02d ...", ttyname(2),
lt->tm_hour, lt->tm_min);
(void)fprintf(fp, "%-79.79s\r\n", lbuf);
}
(void)fprintf(fp, "%79s\r\n", " ");
if (fname && !(freopen(fname, "r", stdin))) {
(void)fprintf(stderr, "wall: can't read %s.\n", fname);
exit(1);
}
while (fgets(lbuf, sizeof(lbuf), stdin))
for (cnt = 0, p = lbuf; (ch = *p) != '\0'; ++p, ++cnt) {
if (cnt == 79 || ch == '\n') {
for (; cnt < 79; ++cnt)
putc(' ', fp);
putc('\r', fp);
putc('\n', fp);
cnt = 0;
} else if (!isprint(ch) && !isspace(ch) && ch != '\007')
{
putc('^', fp);
putc(ch^0x40, fp); /* DEL to ?, others to a
lpha */
} else
putc(ch, fp);
}
(void)fprintf(fp, "%79s\r\n", " ");
rewind(fp);
if (fstat(fd, &sbuf)) {
(void)fprintf(stderr, "wall: can't stat temporary file.\n");
exit(1);
}
mbufsize = sbuf.st_size;
if (!(mbuf = malloc((u_int)mbufsize))) {
(void)fprintf(stderr, "wall: out of memory.\n");
exit(1);
}
if (fread(mbuf, sizeof(*mbuf), mbufsize, fp) != mbufsize) {
(void)fprintf(stderr, "wall: can't read temporary file.\n");
exit(1);
}
(void)close(fd);
}