xref: /netbsd-src/external/bsd/openpam/dist/lib/libpam/openpam_readword.c (revision c42dbd0ed2e61fe6eda8590caa852ccf34719964) 
1 /*	$NetBSD: openpam_readword.c,v 1.4 2023/06/30 21:46:20 christos Exp $	*/
2 
3 /*-
4  * Copyright (c) 2012-2017 Dag-Erling Smørgrav
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. The name of the author may not be used to endorse or promote
16  *    products derived from this software without specific prior written
17  *    permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  */
31 
32 #ifdef HAVE_CONFIG_H
33 # include "config.h"
34 #endif
35 
36 #include <sys/cdefs.h>
37 __RCSID("$NetBSD: openpam_readword.c,v 1.4 2023/06/30 21:46:20 christos Exp $");
38 
39 #include <errno.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42 
43 #include <security/pam_appl.h>
44 
45 #include "openpam_impl.h"
46 #include "openpam_ctype.h"
47 
48 #define MIN_WORD_SIZE	32
49 
50 /*
51  * OpenPAM extension
52  *
53  * Read a word from a file, respecting shell quoting rules.
54  */
55 
56 char *
57 openpam_readword(FILE *f, int *lineno, size_t *lenp)
58 {
59 	char *word;
60 	size_t size, len;
61 	int ch, escape, quote;
62 	int serrno;
63 
64 	errno = 0;
65 
66 	/* skip initial whitespace */
67 	escape = quote = 0;
68 	while ((ch = getc(f)) != EOF) {
69 		if (ch == '\n') {
70 			/* either EOL or line continuation */
71 			if (!escape)
72 				break;
73 			if (lineno != NULL)
74 				++*lineno;
75 			escape = 0;
76 		} else if (escape) {
77 			/* escaped something else */
78 			break;
79 		} else if (ch == '#') {
80 			/* comment: until EOL, no continuation */
81 			while ((ch = getc(f)) != EOF)
82 				if (ch == '\n')
83 					break;
84 			break;
85 		} else if (ch == '\\') {
86 			escape = 1;
87 		} else if (!is_ws(ch)) {
88 			break;
89 		}
90 	}
91 	if (ch == EOF)
92 		return (NULL);
93 	ungetc(ch, f);
94 	if (ch == '\n')
95 		return (NULL);
96 
97 	word = NULL;
98 	size = len = 0;
99 	while ((ch = fgetc(f)) != EOF && (!is_ws(ch) || quote || escape)) {
100 		if (ch == '\\' && !escape && quote != '\'') {
101 			/* escape next character */
102 			escape = ch;
103 		} else if ((ch == '\'' || ch == '"') && !quote && !escape) {
104 			/* begin quote */
105 			quote = ch;
106 			/* edge case: empty quoted string */
107 			if (openpam_straddch(&word, &size, &len, 0) != 0)
108 				return (NULL);
109 		} else if (ch == quote && !escape) {
110 			/* end quote */
111 			quote = 0;
112 		} else if (ch == '\n' && escape) {
113 			/* line continuation */
114 			escape = 0;
115 		} else {
116 			if (escape && quote && ch != '\\' && ch != quote &&
117 			    openpam_straddch(&word, &size, &len, '\\') != 0) {
118 				free(word);
119 				errno = ENOMEM;
120 				return (NULL);
121 			}
122 			if (openpam_straddch(&word, &size, &len, ch) != 0) {
123 				free(word);
124 				errno = ENOMEM;
125 				return (NULL);
126 			}
127 			escape = 0;
128 		}
129 		if (lineno != NULL && ch == '\n')
130 			++*lineno;
131 	}
132 	if (ch == EOF && ferror(f)) {
133 		serrno = errno;
134 		free(word);
135 		errno = serrno;
136 		return (NULL);
137 	}
138 	if (ch == EOF && (escape || quote)) {
139 		/* Missing escaped character or closing quote. */
140 		free(word);
141 		errno = EINVAL;
142 		return (NULL);
143 	}
144 	ungetc(ch, f);
145 	if (lenp != NULL)
146 		*lenp = len;
147 	return (word);
148 }
149 
150 /**
151  * The =openpam_readword function reads the next word from a file, and
152  * returns it in a NUL-terminated buffer allocated with =!malloc.
153  *
154  * A word is a sequence of non-whitespace characters.
155  * However, whitespace characters can be included in a word if quoted or
156  * escaped according to the following rules:
157  *
158  *  - An unescaped single or double quote introduces a quoted string,
159  *    which ends when the same quote character is encountered a second
160  *    time.
161  *    The quotes themselves are stripped.
162  *
163  *  - Within a single- or double-quoted string, all whitespace characters,
164  *    including the newline character, are preserved as-is.
165  *
166  *  - Outside a quoted string, a backslash escapes the next character,
167  *    which is preserved as-is, unless that character is a newline, in
168  *    which case it is discarded and reading continues at the beginning of
169  *    the next line as if the backslash and newline had not been there.
170  *    In all cases, the backslash itself is discarded.
171  *
172  *  - Within a single-quoted string, double quotes and backslashes are
173  *    preserved as-is.
174  *
175  *  - Within a double-quoted string, a single quote is preserved as-is,
176  *    and a backslash is preserved as-is unless used to escape a double
177  *    quote.
178  *
179  * In addition, if the first non-whitespace character on the line is a
180  * hash character (#), the rest of the line is discarded.
181  * If a hash character occurs within a word, however, it is preserved
182  * as-is.
183  * A backslash at the end of a comment does cause line continuation.
184  *
185  * If =lineno is not =NULL, the integer variable it points to is
186  * incremented every time a quoted or escaped newline character is read.
187  *
188  * If =lenp is not =NULL, the length of the word (after quotes and
189  * backslashes have been removed) is stored in the variable it points to.
190  *
191  * RETURN VALUES
192  *
193  * If successful, the =openpam_readword function returns a pointer to a
194  * dynamically allocated NUL-terminated string containing the first word
195  * encountered on the line.
196  *
197  * The caller is responsible for releasing the returned buffer by passing
198  * it to =!free.
199  *
200  * If =openpam_readword reaches the end of the line or file before any
201  * characters are copied to the word, it returns =NULL.  In the former
202  * case, the newline is pushed back to the file.
203  *
204  * If =openpam_readword reaches the end of the file while a quote or
205  * backslash escape is in effect, it sets :errno to =EINVAL and returns
206  * =NULL.
207  *
208  * IMPLEMENTATION NOTES
209  *
210  * The parsing rules are intended to be equivalent to the normal POSIX
211  * shell quoting rules.
212  * Any discrepancy is a bug and should be reported to the author along
213  * with sample input that can be used to reproduce the error.
214  *
215  * >openpam_readline
216  * >openpam_readlinev
217  *
218  * AUTHOR DES
219  */
220