1*10b5fe87SSascha Wildner /*-
2*10b5fe87SSascha Wildner * Copyright (c) 2012-2017 Dag-Erling Smørgrav
3*10b5fe87SSascha Wildner * All rights reserved.
4*10b5fe87SSascha Wildner *
5*10b5fe87SSascha Wildner * Redistribution and use in source and binary forms, with or without
6*10b5fe87SSascha Wildner * modification, are permitted provided that the following conditions
7*10b5fe87SSascha Wildner * are met:
8*10b5fe87SSascha Wildner * 1. Redistributions of source code must retain the above copyright
9*10b5fe87SSascha Wildner * notice, this list of conditions and the following disclaimer.
10*10b5fe87SSascha Wildner * 2. Redistributions in binary form must reproduce the above copyright
11*10b5fe87SSascha Wildner * notice, this list of conditions and the following disclaimer in the
12*10b5fe87SSascha Wildner * documentation and/or other materials provided with the distribution.
13*10b5fe87SSascha Wildner * 3. The name of the author may not be used to endorse or promote
14*10b5fe87SSascha Wildner * products derived from this software without specific prior written
15*10b5fe87SSascha Wildner * permission.
16*10b5fe87SSascha Wildner *
17*10b5fe87SSascha Wildner * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18*10b5fe87SSascha Wildner * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19*10b5fe87SSascha Wildner * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20*10b5fe87SSascha Wildner * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21*10b5fe87SSascha Wildner * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22*10b5fe87SSascha Wildner * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23*10b5fe87SSascha Wildner * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24*10b5fe87SSascha Wildner * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25*10b5fe87SSascha Wildner * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26*10b5fe87SSascha Wildner * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27*10b5fe87SSascha Wildner * SUCH DAMAGE.
28*10b5fe87SSascha Wildner *
29*10b5fe87SSascha Wildner * $OpenPAM: openpam_readword.c 938 2017-04-30 21:34:42Z des $
30*10b5fe87SSascha Wildner */
31*10b5fe87SSascha Wildner
32*10b5fe87SSascha Wildner #ifdef HAVE_CONFIG_H
33*10b5fe87SSascha Wildner # include "config.h"
34*10b5fe87SSascha Wildner #endif
35*10b5fe87SSascha Wildner
36*10b5fe87SSascha Wildner #include <errno.h>
37*10b5fe87SSascha Wildner #include <stdio.h>
38*10b5fe87SSascha Wildner #include <stdlib.h>
39*10b5fe87SSascha Wildner
40*10b5fe87SSascha Wildner #include <security/pam_appl.h>
41*10b5fe87SSascha Wildner
42*10b5fe87SSascha Wildner #include "openpam_impl.h"
43*10b5fe87SSascha Wildner #include "openpam_ctype.h"
44*10b5fe87SSascha Wildner
45*10b5fe87SSascha Wildner #define MIN_WORD_SIZE 32
46*10b5fe87SSascha Wildner
47*10b5fe87SSascha Wildner /*
48*10b5fe87SSascha Wildner * OpenPAM extension
49*10b5fe87SSascha Wildner *
50*10b5fe87SSascha Wildner * Read a word from a file, respecting shell quoting rules.
51*10b5fe87SSascha Wildner */
52*10b5fe87SSascha Wildner
53*10b5fe87SSascha Wildner char *
openpam_readword(FILE * f,int * lineno,size_t * lenp)54*10b5fe87SSascha Wildner openpam_readword(FILE *f, int *lineno, size_t *lenp)
55*10b5fe87SSascha Wildner {
56*10b5fe87SSascha Wildner char *word;
57*10b5fe87SSascha Wildner size_t size, len;
58*10b5fe87SSascha Wildner int ch, escape, quote;
59*10b5fe87SSascha Wildner int serrno;
60*10b5fe87SSascha Wildner
61*10b5fe87SSascha Wildner errno = 0;
62*10b5fe87SSascha Wildner
63*10b5fe87SSascha Wildner /* skip initial whitespace */
64*10b5fe87SSascha Wildner escape = quote = 0;
65*10b5fe87SSascha Wildner while ((ch = getc(f)) != EOF) {
66*10b5fe87SSascha Wildner if (ch == '\n') {
67*10b5fe87SSascha Wildner /* either EOL or line continuation */
68*10b5fe87SSascha Wildner if (!escape)
69*10b5fe87SSascha Wildner break;
70*10b5fe87SSascha Wildner if (lineno != NULL)
71*10b5fe87SSascha Wildner ++*lineno;
72*10b5fe87SSascha Wildner escape = 0;
73*10b5fe87SSascha Wildner } else if (escape) {
74*10b5fe87SSascha Wildner /* escaped something else */
75*10b5fe87SSascha Wildner break;
76*10b5fe87SSascha Wildner } else if (ch == '#') {
77*10b5fe87SSascha Wildner /* comment: until EOL, no continuation */
78*10b5fe87SSascha Wildner while ((ch = getc(f)) != EOF)
79*10b5fe87SSascha Wildner if (ch == '\n')
80*10b5fe87SSascha Wildner break;
81*10b5fe87SSascha Wildner break;
82*10b5fe87SSascha Wildner } else if (ch == '\\') {
83*10b5fe87SSascha Wildner escape = 1;
84*10b5fe87SSascha Wildner } else if (!is_ws(ch)) {
85*10b5fe87SSascha Wildner break;
86*10b5fe87SSascha Wildner }
87*10b5fe87SSascha Wildner }
88*10b5fe87SSascha Wildner if (ch == EOF)
89*10b5fe87SSascha Wildner return (NULL);
90*10b5fe87SSascha Wildner ungetc(ch, f);
91*10b5fe87SSascha Wildner if (ch == '\n')
92*10b5fe87SSascha Wildner return (NULL);
93*10b5fe87SSascha Wildner
94*10b5fe87SSascha Wildner word = NULL;
95*10b5fe87SSascha Wildner size = len = 0;
96*10b5fe87SSascha Wildner while ((ch = fgetc(f)) != EOF && (!is_ws(ch) || quote || escape)) {
97*10b5fe87SSascha Wildner if (ch == '\\' && !escape && quote != '\'') {
98*10b5fe87SSascha Wildner /* escape next character */
99*10b5fe87SSascha Wildner escape = ch;
100*10b5fe87SSascha Wildner } else if ((ch == '\'' || ch == '"') && !quote && !escape) {
101*10b5fe87SSascha Wildner /* begin quote */
102*10b5fe87SSascha Wildner quote = ch;
103*10b5fe87SSascha Wildner /* edge case: empty quoted string */
104*10b5fe87SSascha Wildner if (openpam_straddch(&word, &size, &len, 0) != 0)
105*10b5fe87SSascha Wildner return (NULL);
106*10b5fe87SSascha Wildner } else if (ch == quote && !escape) {
107*10b5fe87SSascha Wildner /* end quote */
108*10b5fe87SSascha Wildner quote = 0;
109*10b5fe87SSascha Wildner } else if (ch == '\n' && escape) {
110*10b5fe87SSascha Wildner /* line continuation */
111*10b5fe87SSascha Wildner escape = 0;
112*10b5fe87SSascha Wildner } else {
113*10b5fe87SSascha Wildner if (escape && quote && ch != '\\' && ch != quote &&
114*10b5fe87SSascha Wildner openpam_straddch(&word, &size, &len, '\\') != 0) {
115*10b5fe87SSascha Wildner free(word);
116*10b5fe87SSascha Wildner errno = ENOMEM;
117*10b5fe87SSascha Wildner return (NULL);
118*10b5fe87SSascha Wildner }
119*10b5fe87SSascha Wildner if (openpam_straddch(&word, &size, &len, ch) != 0) {
120*10b5fe87SSascha Wildner free(word);
121*10b5fe87SSascha Wildner errno = ENOMEM;
122*10b5fe87SSascha Wildner return (NULL);
123*10b5fe87SSascha Wildner }
124*10b5fe87SSascha Wildner escape = 0;
125*10b5fe87SSascha Wildner }
126*10b5fe87SSascha Wildner if (lineno != NULL && ch == '\n')
127*10b5fe87SSascha Wildner ++*lineno;
128*10b5fe87SSascha Wildner }
129*10b5fe87SSascha Wildner if (ch == EOF && ferror(f)) {
130*10b5fe87SSascha Wildner serrno = errno;
131*10b5fe87SSascha Wildner free(word);
132*10b5fe87SSascha Wildner errno = serrno;
133*10b5fe87SSascha Wildner return (NULL);
134*10b5fe87SSascha Wildner }
135*10b5fe87SSascha Wildner if (ch == EOF && (escape || quote)) {
136*10b5fe87SSascha Wildner /* Missing escaped character or closing quote. */
137*10b5fe87SSascha Wildner openpam_log(PAM_LOG_DEBUG, "unexpected end of file");
138*10b5fe87SSascha Wildner free(word);
139*10b5fe87SSascha Wildner errno = EINVAL;
140*10b5fe87SSascha Wildner return (NULL);
141*10b5fe87SSascha Wildner }
142*10b5fe87SSascha Wildner ungetc(ch, f);
143*10b5fe87SSascha Wildner if (lenp != NULL)
144*10b5fe87SSascha Wildner *lenp = len;
145*10b5fe87SSascha Wildner return (word);
146*10b5fe87SSascha Wildner }
147*10b5fe87SSascha Wildner
148*10b5fe87SSascha Wildner /**
149*10b5fe87SSascha Wildner * The =openpam_readword function reads the next word from a file, and
150*10b5fe87SSascha Wildner * returns it in a NUL-terminated buffer allocated with =!malloc.
151*10b5fe87SSascha Wildner *
152*10b5fe87SSascha Wildner * A word is a sequence of non-whitespace characters.
153*10b5fe87SSascha Wildner * However, whitespace characters can be included in a word if quoted or
154*10b5fe87SSascha Wildner * escaped according to the following rules:
155*10b5fe87SSascha Wildner *
156*10b5fe87SSascha Wildner * - An unescaped single or double quote introduces a quoted string,
157*10b5fe87SSascha Wildner * which ends when the same quote character is encountered a second
158*10b5fe87SSascha Wildner * time.
159*10b5fe87SSascha Wildner * The quotes themselves are stripped.
160*10b5fe87SSascha Wildner *
161*10b5fe87SSascha Wildner * - Within a single- or double-quoted string, all whitespace characters,
162*10b5fe87SSascha Wildner * including the newline character, are preserved as-is.
163*10b5fe87SSascha Wildner *
164*10b5fe87SSascha Wildner * - Outside a quoted string, a backslash escapes the next character,
165*10b5fe87SSascha Wildner * which is preserved as-is, unless that character is a newline, in
166*10b5fe87SSascha Wildner * which case it is discarded and reading continues at the beginning of
167*10b5fe87SSascha Wildner * the next line as if the backslash and newline had not been there.
168*10b5fe87SSascha Wildner * In all cases, the backslash itself is discarded.
169*10b5fe87SSascha Wildner *
170*10b5fe87SSascha Wildner * - Within a single-quoted string, double quotes and backslashes are
171*10b5fe87SSascha Wildner * preserved as-is.
172*10b5fe87SSascha Wildner *
173*10b5fe87SSascha Wildner * - Within a double-quoted string, a single quote is preserved as-is,
174*10b5fe87SSascha Wildner * and a backslash is preserved as-is unless used to escape a double
175*10b5fe87SSascha Wildner * quote.
176*10b5fe87SSascha Wildner *
177*10b5fe87SSascha Wildner * In addition, if the first non-whitespace character on the line is a
178*10b5fe87SSascha Wildner * hash character (#), the rest of the line is discarded.
179*10b5fe87SSascha Wildner * If a hash character occurs within a word, however, it is preserved
180*10b5fe87SSascha Wildner * as-is.
181*10b5fe87SSascha Wildner * A backslash at the end of a comment does cause line continuation.
182*10b5fe87SSascha Wildner *
183*10b5fe87SSascha Wildner * If =lineno is not =NULL, the integer variable it points to is
184*10b5fe87SSascha Wildner * incremented every time a quoted or escaped newline character is read.
185*10b5fe87SSascha Wildner *
186*10b5fe87SSascha Wildner * If =lenp is not =NULL, the length of the word (after quotes and
187*10b5fe87SSascha Wildner * backslashes have been removed) is stored in the variable it points to.
188*10b5fe87SSascha Wildner *
189*10b5fe87SSascha Wildner * RETURN VALUES
190*10b5fe87SSascha Wildner *
191*10b5fe87SSascha Wildner * If successful, the =openpam_readword function returns a pointer to a
192*10b5fe87SSascha Wildner * dynamically allocated NUL-terminated string containing the first word
193*10b5fe87SSascha Wildner * encountered on the line.
194*10b5fe87SSascha Wildner *
195*10b5fe87SSascha Wildner * The caller is responsible for releasing the returned buffer by passing
196*10b5fe87SSascha Wildner * it to =!free.
197*10b5fe87SSascha Wildner *
198*10b5fe87SSascha Wildner * If =openpam_readword reaches the end of the line or file before any
199*10b5fe87SSascha Wildner * characters are copied to the word, it returns =NULL. In the former
200*10b5fe87SSascha Wildner * case, the newline is pushed back to the file.
201*10b5fe87SSascha Wildner *
202*10b5fe87SSascha Wildner * If =openpam_readword reaches the end of the file while a quote or
203*10b5fe87SSascha Wildner * backslash escape is in effect, it sets :errno to =EINVAL and returns
204*10b5fe87SSascha Wildner * =NULL.
205*10b5fe87SSascha Wildner *
206*10b5fe87SSascha Wildner * IMPLEMENTATION NOTES
207*10b5fe87SSascha Wildner *
208*10b5fe87SSascha Wildner * The parsing rules are intended to be equivalent to the normal POSIX
209*10b5fe87SSascha Wildner * shell quoting rules.
210*10b5fe87SSascha Wildner * Any discrepancy is a bug and should be reported to the author along
211*10b5fe87SSascha Wildner * with sample input that can be used to reproduce the error.
212*10b5fe87SSascha Wildner *
213*10b5fe87SSascha Wildner * >openpam_readline
214*10b5fe87SSascha Wildner * >openpam_readlinev
215*10b5fe87SSascha Wildner *
216*10b5fe87SSascha Wildner * AUTHOR DES
217*10b5fe87SSascha Wildner */
218