From f458f48b02dd15d64dc4f654c33030b5702940db Mon Sep 17 00:00:00 2001 From: Mike Barcroft Date: Thu, 26 Jul 2001 23:27:10 +0000 Subject: [PATCH] Prevent chpass(1) from writing -1 in the UID or GID fields in the password file by properly casting integers. PR: 27757 Reviewed by: des Approved by: des MFC after: 4 days --- usr.bin/chpass/chpass.c | 3 ++- usr.bin/chpass/edit.c | 12 +++++++----- usr.bin/chpass/pw_copy.c | 6 ++++-- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/usr.bin/chpass/chpass.c b/usr.bin/chpass/chpass.c index 69e700f04e8c..f10a9d684e5a 100644 --- a/usr.bin/chpass/chpass.c +++ b/usr.bin/chpass/chpass.c @@ -173,7 +173,8 @@ main(argc, argv) #else case 0: if (!(pw = getpwuid(uid))) - errx(1, "unknown user: uid %u", uid); + errx(1, "unknown user: uid %lu", + (unsigned long)uid); break; case 1: if (!(pw = getpwnam(*argv))) diff --git a/usr.bin/chpass/edit.c b/usr.bin/chpass/edit.c index a5d3d5d8d911..849d5d9acff7 100644 --- a/usr.bin/chpass/edit.c +++ b/usr.bin/chpass/edit.c @@ -115,8 +115,9 @@ display(fd, pw) #endif /* YP */ (void)fprintf(fp, "Login: %s\n", pw->pw_name); (void)fprintf(fp, "Password: %s\n", pw->pw_passwd); - (void)fprintf(fp, "Uid [#]: %d\n", pw->pw_uid); - (void)fprintf(fp, "Gid [# or name]: %d\n", pw->pw_gid); + (void)fprintf(fp, "Uid [#]: %lu\n", (unsigned long)pw->pw_uid); + (void)fprintf(fp, "Gid [# or name]: %lu\n", + (unsigned long)pw->pw_gid); (void)fprintf(fp, "Change [month day year]: %s\n", ttoa(pw->pw_change)); (void)fprintf(fp, "Expire [month day year]: %s\n", @@ -255,9 +256,10 @@ bad: (void)fclose(fp); pw->pw_gecos[len - 1] = '\0'; if (snprintf(buf, sizeof(buf), - "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s", - pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class, - pw->pw_change, pw->pw_expire, pw->pw_gecos, pw->pw_dir, + "%s:%s:%lu:%lu:%s:%ld:%ld:%s:%s:%s", + pw->pw_name, pw->pw_passwd, (unsigned long)pw->pw_uid, + (unsigned long)pw->pw_gid, pw->pw_class, (long)pw->pw_change, + (long)pw->pw_expire, pw->pw_gecos, pw->pw_dir, pw->pw_shell) >= sizeof(buf)) { warnx("entries too long"); free(p); diff --git a/usr.bin/chpass/pw_copy.c b/usr.bin/chpass/pw_copy.c index 5d5a7deb6e7e..d47575703e1e 100644 --- a/usr.bin/chpass/pw_copy.c +++ b/usr.bin/chpass/pw_copy.c @@ -29,6 +29,8 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. + * + * $FreeBSD$ */ #ifndef lint @@ -64,8 +66,8 @@ pw_copy(ffd, tfd, pw) char chgstr[20]; char expstr[20]; - snprintf(uidstr, sizeof(uidstr), "%d", pw->pw_uid); - snprintf(gidstr, sizeof(gidstr), "%d", pw->pw_gid); + snprintf(uidstr, sizeof(uidstr), "%lu", (unsigned long)pw->pw_uid); + snprintf(gidstr, sizeof(gidstr), "%lu", (unsigned long)pw->pw_gid); snprintf(chgstr, sizeof(chgstr), "%ld", (long)pw->pw_change); snprintf(expstr, sizeof(expstr), "%ld", (long)pw->pw_expire);