From a25394718fcec2b1422b872e24e54ad5c7ae69af Mon Sep 17 00:00:00 2001
From: Baptiste Daroussin <bapt@FreeBSD.org>
Date: Sat, 1 Aug 2015 10:25:55 +0000
Subject: Validate expiration days and password days from commmand line and
 pw.conf

---
 pw/pw.c      | 10 ++++++++++
 pw/pw_conf.c | 16 ++++++++++++----
 pw/pw_user.c |  8 ++++----
 pw/pwupd.h   |  2 ++
 4 files changed, 28 insertions(+), 8 deletions(-)

(limited to 'pw')

diff --git a/pw/pw.c b/pw/pw.c
index 88c83db..bca6715 100644
--- a/pw/pw.c
+++ b/pw/pw.c
@@ -262,6 +262,11 @@ main(int argc, char *argv[])
 		case 'c':
 			conf.gecos = pw_checkname(optarg, 1);
 			break;
+		case 'e':
+			conf.expire_days = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(EX_USAGE, "Invalid expired days: %s", optarg);
+			break;
 		case 'g':
 			if (which == 0) { /* for user* */
 				addarg(&arglist, 'g', optarg);
@@ -321,6 +326,11 @@ main(int argc, char *argv[])
 		case 'o':
 			conf.checkduplicate = false;
 			break;
+		case 'p':
+			conf.password_days = strtonum(optarg, 0, INT_MAX, &errstr);
+			if (errstr)
+				errx(EX_USAGE, "Invalid password days: %s", optarg);
+			break;
 		case 'q':
 			conf.quiet = true;
 			break;
diff --git a/pw/pw_conf.c b/pw/pw_conf.c
index c6a86b7..c1b5b33 100644
--- a/pw/pw_conf.c
+++ b/pw/pw_conf.c
@@ -355,12 +355,20 @@ read_userconfig(char const * file)
 				}
 				break;
 			case _UC_EXPIRE:
-				if ((q = unquote(q)) != NULL && isdigit(*q))
-					config.expire_days = atoi(q);
+				if ((q = unquote(q)) != NULL) {
+					errstr = NULL;
+					config.expire_days = strtonum(q, 0, INT_MAX, &errstr);
+					if (errstr)
+						warnx("Invalid expire days: '%s', ignoring", q);
+				}
 				break;
 			case _UC_PASSWORD:
-				if ((q = unquote(q)) != NULL && isdigit(*q))
-					config.password_days = atoi(q);
+				if ((q = unquote(q)) != NULL) {
+					errstr = NULL;
+					config.password_days = strtonum(q, 0, INT_MAX, &errstr);
+					if (errstr)
+						warnx("Invalid password days: '%s', ignoring", q);
+				}
 				break;
 			case _UC_FIELDS:
 			case _UC_NONE:
diff --git a/pw/pw_user.c b/pw/pw_user.c
index eca8235..6e07f1f 100644
--- a/pw/pw_user.c
+++ b/pw/pw_user.c
@@ -418,14 +418,14 @@ pw_user(int mode, char *name, long id, struct cargs * args)
 			errx(EX_OSFILE, "root home `%s' is not a directory", cnf->home);
 	}
 
-	if ((arg = getarg(args, 'e')) != NULL)
-		cnf->expire_days = atoi(arg->val);
+	if (conf.expire_days > 0)
+		cnf->expire_days = conf.expire_days;
 
 	if ((arg = getarg(args, 'y')) != NULL)
 		cnf->nispasswd = arg->val;
 
-	if ((arg = getarg(args, 'p')) != NULL && arg->val)
-		cnf->password_days = atoi(arg->val);
+	if (conf.password_days > 0)
+		cnf->password_days = conf.password_days;
 
 	if ((arg = getarg(args, 'g')) != NULL) {
 		if (!*(p = arg->val))	/* Handle empty group list specially */
diff --git a/pw/pwupd.h b/pw/pwupd.h
index 054c5a5..9685bea 100644
--- a/pw/pwupd.h
+++ b/pw/pwupd.h
@@ -86,6 +86,8 @@ struct pwconf {
 	char		*newname;
 	char		*config;
 	char		*gecos;
+	int		 expire_days;
+	int		 password_days;
 	int		 fd;
 	int		 rootfd;
 	int		 which;
-- 
cgit v1.2.3-56-ge451