/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 1998 Dag-Erling Smørgrav
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer
* in this position and unchanged.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#include <err.h>
#include <errno.h>
#include <ctype.h>
#include <inttypes.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sysexits.h>
static void __dead2
usage(void)
{
fprintf(stderr, "usage: chkgrp [-q] [groupfile]\n");
exit(EX_USAGE);
}
int
main(int argc, char *argv[])
{
FILE *gf;
unsigned long gid;
unsigned int i;
size_t len;
int opt, quiet;
int n = 0, k, e = 0;
const char *cp, *f[4], *gfn, *p;
char *line;
quiet = 0;
while ((opt = getopt(argc, argv, "q")) != -1) {
switch (opt) {
case 'q':
quiet = 1;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (argc == 0)
gfn = "/etc/group";
else if (argc == 1)
gfn = argv[0];
else
usage();
/* open group file */
if ((gf = fopen(gfn, "r")) == NULL)
err(EX_NOINPUT, "%s", gfn);
/* check line by line */
while (++n) {
if ((line = fgetln(gf, &len)) == NULL)
break;
if (len > 0 && line[len - 1] != '\n') {
warnx("%s: line %d: no newline character", gfn, n);
e = 1;
}
while (len && isspace(line[len-1]))
len--;
/* ignore blank lines and comments */
for (p = line; p < line + len; p++)
if (!isspace(*p)) break;
if (!len || *p == '#')
continue;
/*
* Hack: special case for + line
*/
if (strncmp(line, "+:::", len) == 0 ||
strncmp(line, "+:*::", len) == 0)
continue;
/*
* A correct group entry has four colon-separated fields,
* the third of which must be entirely numeric and the
* fourth of which may be empty.
*/
for (i = k = 0; k < 4; k++) {
for (f[k] = line + i; i < len && line[i] != ':'; i++)
/* nothing */ ;
if (k < 3 && line[i] != ':')
break;
line[i++] = 0;
}
if (k < 4) {
warnx("%s: line %d: missing field(s)", gfn, n);
while (k < 4)
f[k++] = "";
e = 1;
}
for (cp = f[0] ; *cp ; cp++) {
if (!isalnum(*cp) && *cp != '.' && *cp != '_' &&
*cp != '-' && (cp > f[0] || *cp != '+')) {
warnx("%s: line %d: '%c' invalid character",
gfn, n, *cp);
e = 1;
}
}
for (cp = f[3] ; *cp ; cp++) {
if (!isalnum(*cp) && *cp != '.' && *cp != '_' &&
*cp != '-' && *cp != ',') {
warnx("%s: line %d: '%c' invalid character",
gfn, n, *cp);
e = 1;
}
}
/* check if fourth field ended with a colon */
if (i < len) {
warnx("%s: line %d: too many fields", gfn, n);
e = 1;
}
/* check that none of the fields contain whitespace */
for (k = 0; k < 4; k++) {
if (strcspn(f[k], " \t") != strlen(f[k])) {
warnx("%s: line %d: field %d contains whitespace",
gfn, n, k+1);
e = 1;
}
}
/* check that the GID is numeric */
if (strspn(f[2], "0123456789") != strlen(f[2])) {
warnx("%s: line %d: group id is not numeric", gfn, n);
e = 1;
}
/* check the range of the group id */
errno = 0;
gid = strtoul(f[2], NULL, 10);
if (errno != 0) {
warnx("%s: line %d: strtoul failed", gfn, n);
} else if (gid > GID_MAX) {
warnx("%s: line %d: group id is too large (%ju > %ju)",
gfn, n, (uintmax_t)gid, (uintmax_t)GID_MAX);
e = 1;
}
}
/* check what broke the loop */
if (ferror(gf))
err(EX_IOERR, "%s: line %d", gfn, n);
/* done */
fclose(gf);
if (e == 0 && quiet == 0)
printf("%s is fine\n", gfn);
exit(e ? EX_DATAERR : EX_OK);
}