Handle overflow of uid or gid in arguments for chown

chown incorrectly allows a uid or gid greater than UID_MAX/GID_MAX respectively.
Using such an argument rolls over to accounts such as root, operator, etc.

Approved by:	re (gjb)
Relnotes:	yes
Reviewed by:	cem, kib
Submitted by:	Don Morris <dgmorris@earthlink.net>
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D15119
This commit is contained in:
Bryan Drewery 2018-09-26 18:40:57 +00:00
parent 0dc34160f3
commit d51abd5fe1

View File

@ -55,6 +55,7 @@ __FBSDID("$FreeBSD$");
#include <libgen.h>
#include <pwd.h>
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
@ -246,16 +247,13 @@ a_uid(const char *s)
static uid_t
id(const char *name, const char *type)
{
uid_t val;
unsigned long val;
char *ep;
/*
* XXX
* We know that uid_t's and gid_t's are unsigned longs.
*/
errno = 0;
val = strtoul(name, &ep, 10);
if (errno || *ep != '\0')
_Static_assert(UID_MAX >= GID_MAX, "UID MAX less than GID MAX");
if (errno || *ep != '\0' || val > UID_MAX)
errx(1, "%s: illegal %s name", name, type);
return (val);
}