lib/chkname.c: login_name_max_size(): Put limits for LOGIN_NAME_MAX a…

…nd sysconf(_SC_LOGIN_NAME_MAX) GNU Hurd doesn't define LOGIN_NAME_MAX. GNU Hurd recommends having no system limits. When a program needs a limit, because it needs to validate user input, it is recommended that each program defines its own limit macros. The rationale is that this avoids hard-coded limits in ABIs, which cannot be modified ever. However, that doesn't mean that programs should have no limits at all. We use this limit for validating user input, and so we shouldn't allow anything just because the system doesn't want to set a limit. So, when sysconf(2) returns -1, either due to an error or due to a claim for no limits, we must fall back to the LOGIN_NAME_MAX value. And if the system doesn't define that value, we must define it ourselves (we're more or less free to choose any value, so let's pick the one that glibc provides nowadays). Fixes: 6a1f45d (2024-02-04; "lib/chkname.c: Support unlimited user name lengths") Closes: <#1166> Cc: Chris Hofstaedtler <[email protected]> Reviewed-by: Samuel Thibault <[email protected]> Reviewed-by: Tobias Stoeckmann <[email protected]> Reviewed-by: Iker Pedrosa <[email protected]> Signed-off-by: Alejandro Colomar <[email protected]>
shadow-maint · Jan 7, 2025 · 8b36662 · 8b36662
1 parent 0b30e1e
commit 8b36662
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/lib/chkname.c b/lib/chkname.c
@@ -2,7 +2,7 @@
 // SPDX-FileCopyrightText: 1996-2000, Marek Michałkiewicz
 // SPDX-FileCopyrightText: 2001-2005, Tomasz Kłoczko
 // SPDX-FileCopyrightText: 2005-2008, Nicolas François
-// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <[email protected]>
+// SPDX-FileCopyrightText: 2023-2025, Alejandro Colomar <[email protected]>
 // SPDX-License-Identifier: BSD-3-Clause
 
 
@@ -27,15 +27,18 @@
 #include <limits.h>
 #include <stdbool.h>
 #include <stddef.h>
-#include <stdint.h>
-#include <sys/param.h>
 #include <unistd.h>
 
 #include "defines.h"
 #include "chkname.h"
 #include "string/strcmp/streq.h"
 
 
+#ifndef  LOGIN_NAME_MAX
+# define LOGIN_NAME_MAX  256
+#endif
+
+
 int allow_bad_names = false;
 
 
@@ -44,12 +47,11 @@ login_name_max_size(void)
 {
 	long  conf;
 
-	errno = 0;
 	conf = sysconf(_SC_LOGIN_NAME_MAX);
-	if (conf == -1 && errno != 0)
+	if (conf == -1)
 		return LOGIN_NAME_MAX;
 
-	return MIN(conf, PTRDIFF_MAX);
+	return conf;
 }