1 /* $NetBSD: openpam_readword.c,v 1.4 2023/06/30 21:46:20 christos Exp $ */
2
3 /*-
4 * Copyright (c) 2012-2017 Dag-Erling Smørgrav
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote
16 * products derived from this software without specific prior written
17 * permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #ifdef HAVE_CONFIG_H
33 # include "config.h"
34 #endif
35
36 #include <sys/cdefs.h>
37 __RCSID("$NetBSD: openpam_readword.c,v 1.4 2023/06/30 21:46:20 christos Exp $");
38
39 #include <errno.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42
43 #include <security/pam_appl.h>
44
45 #include "openpam_impl.h"
46 #include "openpam_ctype.h"
47
48 #define MIN_WORD_SIZE 32
49
50 /*
51 * OpenPAM extension
52 *
53 * Read a word from a file, respecting shell quoting rules.
54 */
55
56 char *
openpam_readword(FILE * f,int * lineno,size_t * lenp)57 openpam_readword(FILE *f, int *lineno, size_t *lenp)
58 {
59 char *word;
60 size_t size, len;
61 int ch, escape, quote;
62 int serrno;
63
64 errno = 0;
65
66 /* skip initial whitespace */
67 escape = quote = 0;
68 while ((ch = getc(f)) != EOF) {
69 if (ch == '\n') {
70 /* either EOL or line continuation */
71 if (!escape)
72 break;
73 if (lineno != NULL)
74 ++*lineno;
75 escape = 0;
76 } else if (escape) {
77 /* escaped something else */
78 break;
79 } else if (ch == '#') {
80 /* comment: until EOL, no continuation */
81 while ((ch = getc(f)) != EOF)
82 if (ch == '\n')
83 break;
84 break;
85 } else if (ch == '\\') {
86 escape = 1;
87 } else if (!is_ws(ch)) {
88 break;
89 }
90 }
91 if (ch == EOF)
92 return (NULL);
93 ungetc(ch, f);
94 if (ch == '\n')
95 return (NULL);
96
97 word = NULL;
98 size = len = 0;
99 while ((ch = fgetc(f)) != EOF && (!is_ws(ch) || quote || escape)) {
100 if (ch == '\\' && !escape && quote != '\'') {
101 /* escape next character */
102 escape = ch;
103 } else if ((ch == '\'' || ch == '"') && !quote && !escape) {
104 /* begin quote */
105 quote = ch;
106 /* edge case: empty quoted string */
107 if (openpam_straddch(&word, &size, &len, 0) != 0)
108 return (NULL);
109 } else if (ch == quote && !escape) {
110 /* end quote */
111 quote = 0;
112 } else if (ch == '\n' && escape) {
113 /* line continuation */
114 escape = 0;
115 } else {
116 if (escape && quote && ch != '\\' && ch != quote &&
117 openpam_straddch(&word, &size, &len, '\\') != 0) {
118 free(word);
119 errno = ENOMEM;
120 return (NULL);
121 }
122 if (openpam_straddch(&word, &size, &len, ch) != 0) {
123 free(word);
124 errno = ENOMEM;
125 return (NULL);
126 }
127 escape = 0;
128 }
129 if (lineno != NULL && ch == '\n')
130 ++*lineno;
131 }
132 if (ch == EOF && ferror(f)) {
133 serrno = errno;
134 free(word);
135 errno = serrno;
136 return (NULL);
137 }
138 if (ch == EOF && (escape || quote)) {
139 /* Missing escaped character or closing quote. */
140 free(word);
141 errno = EINVAL;
142 return (NULL);
143 }
144 ungetc(ch, f);
145 if (lenp != NULL)
146 *lenp = len;
147 return (word);
148 }
149
150 /**
151 * The =openpam_readword function reads the next word from a file, and
152 * returns it in a NUL-terminated buffer allocated with =!malloc.
153 *
154 * A word is a sequence of non-whitespace characters.
155 * However, whitespace characters can be included in a word if quoted or
156 * escaped according to the following rules:
157 *
158 * - An unescaped single or double quote introduces a quoted string,
159 * which ends when the same quote character is encountered a second
160 * time.
161 * The quotes themselves are stripped.
162 *
163 * - Within a single- or double-quoted string, all whitespace characters,
164 * including the newline character, are preserved as-is.
165 *
166 * - Outside a quoted string, a backslash escapes the next character,
167 * which is preserved as-is, unless that character is a newline, in
168 * which case it is discarded and reading continues at the beginning of
169 * the next line as if the backslash and newline had not been there.
170 * In all cases, the backslash itself is discarded.
171 *
172 * - Within a single-quoted string, double quotes and backslashes are
173 * preserved as-is.
174 *
175 * - Within a double-quoted string, a single quote is preserved as-is,
176 * and a backslash is preserved as-is unless used to escape a double
177 * quote.
178 *
179 * In addition, if the first non-whitespace character on the line is a
180 * hash character (#), the rest of the line is discarded.
181 * If a hash character occurs within a word, however, it is preserved
182 * as-is.
183 * A backslash at the end of a comment does cause line continuation.
184 *
185 * If =lineno is not =NULL, the integer variable it points to is
186 * incremented every time a quoted or escaped newline character is read.
187 *
188 * If =lenp is not =NULL, the length of the word (after quotes and
189 * backslashes have been removed) is stored in the variable it points to.
190 *
191 * RETURN VALUES
192 *
193 * If successful, the =openpam_readword function returns a pointer to a
194 * dynamically allocated NUL-terminated string containing the first word
195 * encountered on the line.
196 *
197 * The caller is responsible for releasing the returned buffer by passing
198 * it to =!free.
199 *
200 * If =openpam_readword reaches the end of the line or file before any
201 * characters are copied to the word, it returns =NULL. In the former
202 * case, the newline is pushed back to the file.
203 *
204 * If =openpam_readword reaches the end of the file while a quote or
205 * backslash escape is in effect, it sets :errno to =EINVAL and returns
206 * =NULL.
207 *
208 * IMPLEMENTATION NOTES
209 *
210 * The parsing rules are intended to be equivalent to the normal POSIX
211 * shell quoting rules.
212 * Any discrepancy is a bug and should be reported to the author along
213 * with sample input that can be used to reproduce the error.
214 *
215 * >openpam_readline
216 * >openpam_readlinev
217 *
218 * AUTHOR DES
219 */
220