aboutsummaryrefslogtreecommitdiff
path: root/libbb
diff options
context:
space:
mode:
Diffstat (limited to 'libbb')
-rw-r--r--libbb/die_if_bad_username.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/libbb/die_if_bad_username.c b/libbb/die_if_bad_username.c
index c1641d376..8b4deec29 100644
--- a/libbb/die_if_bad_username.c
+++ b/libbb/die_if_bad_username.c
@@ -18,16 +18,20 @@
18 18
19void FAST_FUNC die_if_bad_username(const char *name) 19void FAST_FUNC die_if_bad_username(const char *name)
20{ 20{
21 goto skip; /* 1st char being dash isn't valid */ 21 /* 1st char being dash or dot isn't valid: */
22 goto skip;
23 /* For example, name like ".." can make adduser
24 * chown "/home/.." recursively - NOT GOOD
25 */
26
22 do { 27 do {
23 if (*name == '-') 28 if (*name == '-' || *name == '.')
24 continue; 29 continue;
25 skip: 30 skip:
26 if (isalnum(*name) 31 if (isalnum(*name)
27 || *name == '_' 32 || *name == '_'
28 || *name == '.'
29 || *name == '@' 33 || *name == '@'
30 || (*name == '$' && !*(name + 1)) 34 || (*name == '$' && !name[1])
31 ) { 35 ) {
32 continue; 36 continue;
33 } 37 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 01:12:07 +0000