-
Notifications
You must be signed in to change notification settings - Fork 226
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
String-to-numeric hardening #893
Draft
alejandro-colomar
wants to merge
30
commits into
shadow-maint:master
Choose a base branch
from
alejandro-colomar:atoi
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
alejandro-colomar
referenced
this pull request
Jan 8, 2024
The third field in the /etc/shadow file (sp_lstchg) contains the date of the last password change expressed as the number of days since Jan 1, 1970. As this is a relative time, creating a user today will result in: username:17238:0:99999:7::: whilst creating the same user tomorrow will result in: username:17239:0:99999:7::: This has an impact for the Reproducible Builds[0] project where we aim to be independent of as many elements the build environment as possible, including the current date. This patch changes the behaviour to use the SOURCE_DATE_EPOCH[1] environment variable (instead of Jan 1, 1970) if valid. [0] https://reproducible-builds.org/ [1] https://reproducible-builds.org/specs/source-date-epoch/ Signed-off-by: Chris Lamb <lamby@debian.org>
alejandro-colomar
force-pushed
the
atoi
branch
2 times, most recently
from
January 8, 2024 11:56
9302ca7
to
1fb76c9
Compare
alejandro-colomar
force-pushed
the
atoi
branch
from
January 8, 2024 12:01
1fb76c9
to
c80d3a9
Compare
alejandro-colomar
changed the title
String to numeric hardening
String-to-numeric hardening
Jan 8, 2024
alejandro-colomar
force-pushed
the
atoi
branch
15 times, most recently
from
January 9, 2024 17:31
d8abbef
to
7a06efd
Compare
I was wondering... maybe I could write a library, I also fixed so many other hidden bugs in this PR, that other projects could benefit from such a library. |
alejandro-colomar
force-pushed
the
atoi
branch
8 times, most recently
from
January 11, 2024 11:32
71236aa
to
8f06e61
Compare
…ad of str2ul() Signed-off-by: Alejandro Colomar <alx@kernel.org>
…str2sl() Signed-off-by: Alejandro Colomar <alx@kernel.org>
…f str2sl() Signed-off-by: Alejandro Colomar <alx@kernel.org>
…stead of str2ul() Signed-off-by: Alejandro Colomar <alx@kernel.org>
…str2sl() Signed-off-by: Alejandro Colomar <alx@kernel.org>
This reduces indentation. Signed-off-by: Alejandro Colomar <alx@kernel.org>
spwd.sp_flag is an unsigned long, which can never be negative. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Handle negative values as errors from a2sl(), and reuse its error-handling code. Cc: Iker Pedrosa <ipedrosa@redhat.com> Cc: "Serge E. Hallyn" <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
…ANGE Fixes: 10396f9 ("* libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file limit with getlog() / getulong().") Link: <shadow-maint@882cf59> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
For a pointer iterator used often, a single-letter identifier is more appropriate. That reduces the length of lines considerably, avoiding unnecessary line breaks. And since we initialize it with m = mappings; it's clear what it is. Link: <shadow-maint@ff2baed#r136635300> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Link: <shadow-maint@ff2baed#r136635300> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Link: <shadow-maint@ff2baed#r136635300> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Link: <shadow-maint@ff2baed#r136635300> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
This test is impossible. The limits specified in a2ul() already cover this. Link: <shadow-maint@ff2baed#r136635300> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Merge two iterator variables into one, and reduce its scope. Signed-off-by: Alejandro Colomar <alx@kernel.org>
Fixes: ff2baed ("idmapping: add more checks for overflow") Link: <shadow-maint@ff2baed#r136635300> Reported-by: Alejandro Colomar <alx@kernel.org> Suggested-by: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
It was unclear why this code is using ulong. Since these only handle uid's and gid's, rename the identifiers accordingly, after id_t. Link: <shadow-maint#951> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Use a static_assert(3) to make sure that id_t == uid_t == gid_t. And use uintmax_t to print it, since on Linux they are unsigned types. Link: <shadow-maint#951> Cc: Tycho Andersen <tycho@tycho.pizza> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
alejandro-colomar
force-pushed
the
atoi
branch
2 times, most recently
from
June 30, 2024 01:17
4232f06
to
617dae9
Compare
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
v3
v3 changes:v4
v4 changes:v4b
v4c
v4d
v4e
v5
v5b
v5c