| Absolute File Name: | /home/opencoverage/opencoverage/guest-scripts/openssh/src/groupaccess.c |
| Source code | Switch to Preprocessed file |
| Line | Source | Count | ||||||
|---|---|---|---|---|---|---|---|---|
| 1 | /* $OpenBSD: groupaccess.c,v 1.16 2015/05/04 06:10:48 djm Exp $ */ | - | ||||||
| 2 | /* | - | ||||||
| 3 | * Copyright (c) 2001 Kevin Steves. All rights reserved. | - | ||||||
| 4 | * | - | ||||||
| 5 | * Redistribution and use in source and binary forms, with or without | - | ||||||
| 6 | * modification, are permitted provided that the following conditions | - | ||||||
| 7 | * are met: | - | ||||||
| 8 | * 1. Redistributions of source code must retain the above copyright | - | ||||||
| 9 | * notice, this list of conditions and the following disclaimer. | - | ||||||
| 10 | * 2. Redistributions in binary form must reproduce the above copyright | - | ||||||
| 11 | * notice, this list of conditions and the following disclaimer in the | - | ||||||
| 12 | * documentation and/or other materials provided with the distribution. | - | ||||||
| 13 | * | - | ||||||
| 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | - | ||||||
| 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | - | ||||||
| 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | - | ||||||
| 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | - | ||||||
| 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | - | ||||||
| 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | - | ||||||
| 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | - | ||||||
| 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | - | ||||||
| 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | - | ||||||
| 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | - | ||||||
| 24 | */ | - | ||||||
| 25 | - | |||||||
| 26 | #include "includes.h" | - | ||||||
| 27 | - | |||||||
| 28 | #include <sys/types.h> | - | ||||||
| 29 | - | |||||||
| 30 | #include <grp.h> | - | ||||||
| 31 | #include <unistd.h> | - | ||||||
| 32 | #include <stdarg.h> | - | ||||||
| 33 | #include <stdlib.h> | - | ||||||
| 34 | #include <string.h> | - | ||||||
| 35 | #include <limits.h> | - | ||||||
| 36 | - | |||||||
| 37 | #include "xmalloc.h" | - | ||||||
| 38 | #include "groupaccess.h" | - | ||||||
| 39 | #include "match.h" | - | ||||||
| 40 | #include "log.h" | - | ||||||
| 41 | - | |||||||
| 42 | static int ngroups; | - | ||||||
| 43 | static char **groups_byname; | - | ||||||
| 44 | - | |||||||
| 45 | /* | - | ||||||
| 46 | * Initialize group access list for user with primary (base) and | - | ||||||
| 47 | * supplementary groups. Return the number of groups in the list. | - | ||||||
| 48 | */ | - | ||||||
| 49 | int | - | ||||||
| 50 | ga_init(const char *user, gid_t base) | - | ||||||
| 51 | { | - | ||||||
| 52 | gid_t *groups_bygid; | - | ||||||
| 53 | int i, j, retry = 0; | - | ||||||
| 54 | struct group *gr; | - | ||||||
| 55 | - | |||||||
| 56 | if (ngroups > 0)
| 0 | ||||||
| 57 | ga_free(); never executed: ga_free(); | 0 | ||||||
| 58 | - | |||||||
| 59 | ngroups = NGROUPS_MAX; | - | ||||||
| 60 | #if defined(HAVE_SYSCONF) && defined(_SC_NGROUPS_MAX) | - | ||||||
| 61 | ngroups = MAX(NGROUPS_MAX, sysconf(_SC_NGROUPS_MAX));
| 0 | ||||||
| 62 | #endif | - | ||||||
| 63 | - | |||||||
| 64 | groups_bygid = xcalloc(ngroups, sizeof(*groups_bygid)); | - | ||||||
| 65 | while (getgrouplist(user, base, groups_bygid, &ngroups) == -1) {
| 0 | ||||||
| 66 | if (retry++ > 0)
| 0 | ||||||
| 67 | fatal("getgrouplist: groups list too small"); never executed: fatal("getgrouplist: groups list too small"); | 0 | ||||||
| 68 | groups_bygid = xreallocarray(groups_bygid, ngroups, | - | ||||||
| 69 | sizeof(*groups_bygid)); | - | ||||||
| 70 | } never executed: end of block | 0 | ||||||
| 71 | groups_byname = xcalloc(ngroups, sizeof(*groups_byname)); | - | ||||||
| 72 | - | |||||||
| 73 | for (i = 0, j = 0; i < ngroups; i++)
| 0 | ||||||
| 74 | if ((gr = getgrgid(groups_bygid[i])) != NULL)
| 0 | ||||||
| 75 | groups_byname[j++] = xstrdup(gr->gr_name); never executed: groups_byname[j++] = xstrdup(gr->gr_name); | 0 | ||||||
| 76 | free(groups_bygid); | - | ||||||
| 77 | return (ngroups = j); never executed: return (ngroups = j); | 0 | ||||||
| 78 | } | - | ||||||
| 79 | - | |||||||
| 80 | /* | - | ||||||
| 81 | * Return 1 if one of user's groups is contained in groups. | - | ||||||
| 82 | * Return 0 otherwise. Use match_pattern() for string comparison. | - | ||||||
| 83 | */ | - | ||||||
| 84 | int | - | ||||||
| 85 | ga_match(char * const *groups, int n) | - | ||||||
| 86 | { | - | ||||||
| 87 | int i, j; | - | ||||||
| 88 | - | |||||||
| 89 | for (i = 0; i < ngroups; i++)
| 0 | ||||||
| 90 | for (j = 0; j < n; j++)
| 0 | ||||||
| 91 | if (match_pattern(groups_byname[i], groups[j]))
| 0 | ||||||
| 92 | return 1; never executed: return 1; | 0 | ||||||
| 93 | return 0; never executed: return 0; | 0 | ||||||
| 94 | } | - | ||||||
| 95 | - | |||||||
| 96 | /* | - | ||||||
| 97 | * Return 1 if one of user's groups matches group_pattern list. | - | ||||||
| 98 | * Return 0 on negated or no match. | - | ||||||
| 99 | */ | - | ||||||
| 100 | int | - | ||||||
| 101 | ga_match_pattern_list(const char *group_pattern) | - | ||||||
| 102 | { | - | ||||||
| 103 | int i, found = 0; | - | ||||||
| 104 | - | |||||||
| 105 | for (i = 0; i < ngroups; i++) {
| 0 | ||||||
| 106 | switch (match_pattern_list(groups_byname[i], group_pattern, 0)) { | - | ||||||
| 107 | case -1: never executed: case -1: | 0 | ||||||
| 108 | return 0; /* Negated match wins */ never executed: return 0; | 0 | ||||||
| 109 | case 0: never executed: case 0: | 0 | ||||||
| 110 | continue; never executed: continue; | 0 | ||||||
| 111 | case 1: never executed: case 1: | 0 | ||||||
| 112 | found = 1; | - | ||||||
| 113 | } never executed: end of block | 0 | ||||||
| 114 | } never executed: end of block | 0 | ||||||
| 115 | return found; never executed: return found; | 0 | ||||||
| 116 | } | - | ||||||
| 117 | - | |||||||
| 118 | /* | - | ||||||
| 119 | * Free memory allocated for group access list. | - | ||||||
| 120 | */ | - | ||||||
| 121 | void | - | ||||||
| 122 | ga_free(void) | - | ||||||
| 123 | { | - | ||||||
| 124 | int i; | - | ||||||
| 125 | - | |||||||
| 126 | if (ngroups > 0) {
| 0 | ||||||
| 127 | for (i = 0; i < ngroups; i++)
| 0 | ||||||
| 128 | free(groups_byname[i]); never executed: free(groups_byname[i]); | 0 | ||||||
| 129 | ngroups = 0; | - | ||||||
| 130 | free(groups_byname); | - | ||||||
| 131 | groups_byname = NULL; | - | ||||||
| 132 | } never executed: end of block | 0 | ||||||
| 133 | } never executed: end of block | 0 | ||||||
| Source code | Switch to Preprocessed file |