On Tue, 18 Aug 2015 09:41:47 +1000, Damien Miller wrote: > Yeah, we should refactor it into a version that returns a ssherr.h code > and (perhaps) leave the existing tilde_expand_filename() as a wrapper. We could do something like this. The name stinks but... - todd Index: misc.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/misc.c,v retrieving revision 1.97 diff -u -p -u -r1.97 misc.c --- misc.c 24 Apr 2015 01:36:00 -0000 1.97 +++ misc.c 19 Aug 2015 02:28:18 -0000 @@ -50,6 +50,7 @@ #include "xmalloc.h" #include "misc.h" #include "log.h" +#include "ssherr.h" #include "ssh.h" /* remove newline at end of string */ @@ -499,29 +500,31 @@ freeargs(arglist *args) * Expands tildes in the file name. Returns data allocated by xmalloc. * Warning: this calls getpw*. */ -char * -tilde_expand_filename(const char *filename, uid_t uid) +int +tilde_expand_filename2(const char *filename, char **expanded, uid_t uid) { const char *path, *sep; char user[128], *ret; struct passwd *pw; - u_int len, slash; + size_t len, slash; - if (*filename != '~') - return (xstrdup(filename)); + if (*filename != '~') { + *expanded = xstrdup(filename); + return SSH_ERR_SUCCESS; + } filename++; path = strchr(filename, '/'); if (path != NULL && path > filename) { /* ~user/path */ slash = path - filename; if (slash > sizeof(user) - 1) - fatal("tilde_expand_filename: ~username too long"); + return SSH_ERR_PATH_TOO_LONG; memcpy(user, filename, slash); user[slash] = '\0'; if ((pw = getpwnam(user)) == NULL) - fatal("tilde_expand_filename: No such user %s", user); + return SSH_ERR_UNKNOWN_USER; } else if ((pw = getpwuid(uid)) == NULL) /* ~/path */ - fatal("tilde_expand_filename: No such uid %ld", (long)uid); + return SSH_ERR_UNKNOWN_USER; /* Make sure directory has a trailing '/' */ len = strlen(pw->pw_dir); @@ -534,10 +537,29 @@ tilde_expand_filename(const char *filena if (path != NULL) filename = path + 1; - if (xasprintf(&ret, "%s%s%s", pw->pw_dir, sep, filename) >= PATH_MAX) - fatal("tilde_expand_filename: Path too long"); + if (xasprintf(ret, "%s%s%s", pw->pw_dir, sep, filename) >= PATH_MAX) { + free(ret); + return SSH_ERR_PATH_TOO_LONG; + } + + *expanded = ret; + return SSH_ERR_SUCCESS; +} + +/* + * Expands tildes in the file name. Returns data allocated by xmalloc. + * Warning: this calls getpw*. + */ +char * +tilde_expand_filename(const char *filename, uid_t uid) +{ + char *ret; + int rc; - return (ret); + rc = tilde_expand_filename2(filename, &ret, uid); + if (rc != SSH_ERR_SUCCESS) + fatal("%s: %s", __func__, ssh_err(rc)); + return ret; } /* Index: misc.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/misc.h,v retrieving revision 1.54 diff -u -p -u -r1.54 misc.h --- misc.h 15 Jul 2014 15:54:14 -0000 1.54 +++ misc.h 19 Aug 2015 02:27:37 -0000 @@ -49,6 +49,7 @@ char *cleanhostname(char *); char *colon(char *); long convtime(const char *); char *tilde_expand_filename(const char *, uid_t); +int tilde_expand_filename2(const char *, char **, uid_t); char *percent_expand(const char *, ...) __attribute__((__sentinel__)); char *tohex(const void *, size_t); void sanitise_stdfd(void); Index: ssherr.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssherr.c,v retrieving revision 1.4 diff -u -p -u -r1.4 ssherr.c --- ssherr.c 16 Feb 2015 22:13:32 -0000 1.4 +++ ssherr.c 19 Aug 2015 02:19:05 -0000 @@ -135,6 +135,10 @@ ssh_err(int n) return "Connection corrupted"; case SSH_ERR_PROTOCOL_ERROR: return "Protocol error"; + case SSH_ERR_UNKNOWN_USER: + return "Unknown user"; + case SSH_ERR_PATH_TOO_LONG: + return "Path too long"; default: return "unknown error"; } Index: ssherr.h =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssherr.h,v retrieving revision 1.3 diff -u -p -u -r1.3 ssherr.h --- ssherr.h 30 Jan 2015 01:13:33 -0000 1.3 +++ ssherr.h 19 Aug 2015 02:18:29 -0000 @@ -77,6 +77,8 @@ #define SSH_ERR_CONN_TIMEOUT -53 #define SSH_ERR_CONN_CORRUPT -54 #define SSH_ERR_PROTOCOL_ERROR -55 +#define SSH_ERR_UNKNOWN_USER -56 +#define SSH_ERR_PATH_TOO_LONG -57 /* Translate a numeric error code to a human-readable error string */ const char *ssh_err(int n); _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev