aboutsummaryrefslogtreecommitdiffstats
path: root/lib/libpam/openpam_readword.c
blob: 5a4330c6c75d591b724996f1040097800466ae3f (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
/*-
 * Copyright (c) 2012 Dag-Erling Smørgrav
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $Id: openpam_readword.c 648 2013-03-05 17:54:27Z des $
 */

#ifdef HAVE_CONFIG_H
# include "config.h"
#endif

#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#include <security/pam_appl.h>

#include "openpam_impl.h"
#include "openpam_ctype.h"

#define MIN_WORD_SIZE	32

/*
 * OpenPAM extension
 *
 * Read a word from a file, respecting shell quoting rules.
 */

char *
openpam_readword(FILE *f, int *lineno, size_t *lenp)
{
	char *word;
	size_t size, len;
	int ch, comment, escape, quote;
	int serrno;

	errno = 0;

	/* skip initial whitespace */
	comment = 0;
	while ((ch = getc(f)) != EOF && ch != '\n') {
		if (ch == '#')
			comment = 1;
		if (!is_lws(ch) && !comment)
			break;
	}
	if (ch == EOF)
		return (NULL);
	ungetc(ch, f);
	if (ch == '\n')
		return (NULL);

	word = NULL;
	size = len = 0;
	escape = quote = 0;
	while ((ch = fgetc(f)) != EOF && (!is_ws(ch) || quote || escape)) {
		if (ch == '\\' && !escape && quote != '\'') {
			/* escape next character */
			escape = ch;
		} else if ((ch == '\'' || ch == '"') && !quote && !escape) {
			/* begin quote */
			quote = ch;
			/* edge case: empty quoted string */
			if (openpam_straddch(&word, &size, &len, 0) != 0)
				return (NULL);
		} else if (ch == quote && !escape) {
			/* end quote */
			quote = 0;
		} else if (ch == '\n' && escape && quote != '\'') {
			/* line continuation */
			escape = 0;
		} else {
			if (escape && quote && ch != '\\' && ch != quote &&
			    openpam_straddch(&word, &size, &len, '\\') != 0) {
				free(word);
				errno = ENOMEM;
				return (NULL);
			}
			if (openpam_straddch(&word, &size, &len, ch) != 0) {
				free(word);
				errno = ENOMEM;
				return (NULL);
			}
			escape = 0;
		}
		if (lineno != NULL && ch == '\n')
			++*lineno;
	}
	if (ch == EOF && ferror(f)) {
		serrno = errno;
		free(word);
		errno = serrno;
		return (NULL);
	}
	if (ch == EOF && (escape || quote)) {
		/* Missing escaped character or closing quote. */
		openpam_log(PAM_LOG_ERROR, "unexpected end of file");
		free(word);
		errno = EINVAL;
		return (NULL);
	}
	ungetc(ch, f);
	if (lenp != NULL)
		*lenp = len;
	return (word);
}

/**
 * The =openpam_readword function reads the next word from a file, and
 * returns it in a NUL-terminated buffer allocated with =!malloc.
 *
 * A word is a sequence of non-whitespace characters.
 * However, whitespace characters can be included in a word if quoted or
 * escaped according to the following rules:
 *
 *  - An unescaped single or double quote introduces a quoted string,
 *    which ends when the same quote character is encountered a second
 *    time.
 *    The quotes themselves are stripped.
 *
 *  - Within a single- or double-quoted string, all whitespace characters,
 *    including the newline character, are preserved as-is.
 *
 *  - Outside a quoted string, a backslash escapes the next character,
 *    which is preserved as-is, unless that character is a newline, in
 *    which case it is discarded and reading continues at the beginning of
 *    the next line as if the backslash and newline had not been there.
 *    In all cases, the backslash itself is discarded.
 *
 *  - Within a single-quoted string, double quotes and backslashes are
 *    preserved as-is.
 *
 *  - Within a double-quoted string, a single quote is preserved as-is,
 *    and a backslash is preserved as-is unless used to escape a double
 *    quote.
 *
 * In addition, if the first non-whitespace character on the line is a
 * hash character (#), the rest of the line is discarded.
 * If a hash character occurs within a word, however, it is preserved
 * as-is.
 * A backslash at the end of a comment does cause line continuation.
 *
 * If =lineno is not =NULL, the integer variable it points to is
 * incremented every time a quoted or escaped newline character is read.
 *
 * If =lenp is not =NULL, the length of the word (after quotes and
 * backslashes have been removed) is stored in the variable it points to.
 *
 * RETURN VALUES
 *
 * If successful, the =openpam_readword function returns a pointer to a
 * dynamically allocated NUL-terminated string containing the first word
 * encountered on the line.
 *
 * The caller is responsible for releasing the returned buffer by passing
 * it to =!free.
 *
 * If =openpam_readword reaches the end of the line or file before any
 * characters are copied to the word, it returns =NULL.  In the former
 * case, the newline is pushed back to the file.
 *
 * If =openpam_readword reaches the end of the file while a quote or
 * backslash escape is in effect, it sets :errno to =EINVAL and returns
 * =NULL.
 *
 * IMPLEMENTATION NOTES
 *
 * The parsing rules are intended to be equivalent to the normal POSIX
 * shell quoting rules.
 * Any discrepancy is a bug and should be reported to the author along
 * with sample input that can be used to reproduce the error.
 *
 * >openpam_readline
 * >openpam_readlinev
 *
 * AUTHOR DES
 */