1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1998 Dag-Erling Smørgrav
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer
12 * in this position and unchanged.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. The name of the author may not be used to endorse or promote products
17 * derived from this software without specific prior written permission
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
20 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
21 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
23 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
24 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
28 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
31 #include <sys/cdefs.h>
32 #include <err.h>
33 #include <errno.h>
34 #include <ctype.h>
35 #include <inttypes.h>
36 #include <limits.h>
37 #include <stdint.h>
38 #include <stdio.h>
39 #include <stdlib.h>
40 #include <string.h>
41 #include <unistd.h>
42 #include <sysexits.h>
43
44 static void __dead2
usage(void)45 usage(void)
46 {
47
48 fprintf(stderr, "usage: chkgrp [-q] [groupfile]\n");
49 exit(EX_USAGE);
50 }
51
52 int
main(int argc,char * argv[])53 main(int argc, char *argv[])
54 {
55 FILE *gf;
56 unsigned long gid;
57 unsigned int i;
58 size_t len;
59 int opt, quiet;
60 int n = 0, k, e = 0;
61 const char *cp, *f[4], *gfn, *p;
62 char *line;
63
64 quiet = 0;
65 while ((opt = getopt(argc, argv, "q")) != -1) {
66 switch (opt) {
67 case 'q':
68 quiet = 1;
69 break;
70 default:
71 usage();
72 }
73 }
74
75 argc -= optind;
76 argv += optind;
77
78 if (argc == 0)
79 gfn = "/etc/group";
80 else if (argc == 1)
81 gfn = argv[0];
82 else
83 usage();
84
85 /* open group file */
86 if ((gf = fopen(gfn, "r")) == NULL)
87 err(EX_NOINPUT, "%s", gfn);
88
89 /* check line by line */
90 while (++n) {
91 if ((line = fgetln(gf, &len)) == NULL)
92 break;
93 if (len > 0 && line[len - 1] != '\n') {
94 warnx("%s: line %d: no newline character", gfn, n);
95 e = 1;
96 }
97 while (len && isspace(line[len-1]))
98 len--;
99
100 /* ignore blank lines and comments */
101 for (p = line; p < line + len; p++)
102 if (!isspace(*p)) break;
103 if (!len || *p == '#')
104 continue;
105
106 /*
107 * Hack: special case for + line
108 */
109 if (strncmp(line, "+:::", len) == 0 ||
110 strncmp(line, "+:*::", len) == 0)
111 continue;
112
113 /*
114 * A correct group entry has four colon-separated fields,
115 * the third of which must be entirely numeric and the
116 * fourth of which may be empty.
117 */
118 for (i = k = 0; k < 4; k++) {
119 for (f[k] = line + i; i < len && line[i] != ':'; i++)
120 /* nothing */ ;
121 if (k < 3 && line[i] != ':')
122 break;
123 line[i++] = 0;
124 }
125
126 if (k < 4) {
127 warnx("%s: line %d: missing field(s)", gfn, n);
128 while (k < 4)
129 f[k++] = "";
130 e = 1;
131 }
132
133 for (cp = f[0] ; *cp ; cp++) {
134 if (!isalnum(*cp) && *cp != '.' && *cp != '_' &&
135 *cp != '-' && (cp > f[0] || *cp != '+')) {
136 warnx("%s: line %d: '%c' invalid character",
137 gfn, n, *cp);
138 e = 1;
139 }
140 }
141
142 for (cp = f[3] ; *cp ; cp++) {
143 if (!isalnum(*cp) && *cp != '.' && *cp != '_' &&
144 *cp != '-' && *cp != ',') {
145 warnx("%s: line %d: '%c' invalid character",
146 gfn, n, *cp);
147 e = 1;
148 }
149 }
150
151 /* check if fourth field ended with a colon */
152 if (i < len) {
153 warnx("%s: line %d: too many fields", gfn, n);
154 e = 1;
155 }
156
157 /* check that none of the fields contain whitespace */
158 for (k = 0; k < 4; k++) {
159 if (strcspn(f[k], " \t") != strlen(f[k])) {
160 warnx("%s: line %d: field %d contains whitespace",
161 gfn, n, k+1);
162 e = 1;
163 }
164 }
165
166 /* check that the GID is numeric */
167 if (strspn(f[2], "0123456789") != strlen(f[2])) {
168 warnx("%s: line %d: group id is not numeric", gfn, n);
169 e = 1;
170 }
171
172 /* check the range of the group id */
173 errno = 0;
174 gid = strtoul(f[2], NULL, 10);
175 if (errno != 0) {
176 warnx("%s: line %d: strtoul failed", gfn, n);
177 } else if (gid > GID_MAX) {
178 warnx("%s: line %d: group id is too large (%ju > %ju)",
179 gfn, n, (uintmax_t)gid, (uintmax_t)GID_MAX);
180 e = 1;
181 }
182 }
183
184 /* check what broke the loop */
185 if (ferror(gf))
186 err(EX_IOERR, "%s: line %d", gfn, n);
187
188 /* done */
189 fclose(gf);
190 if (e == 0 && quiet == 0)
191 printf("%s is fine\n", gfn);
192 exit(e ? EX_DATAERR : EX_OK);
193 }
194