Null entries in passwd

Robert Elz kre at mulga.OZ
Thu May 31 16:46:56 AEST 1984 

>From kovacs!jim:
> We are running 4.2bsd on a VAX 750.
> Recently we've found "null" entries in our passwd file.
> They looked like this:
>        :
>        :0::
>        :0:0::
>        :
>        :0:
> Someone here added an entry to the passwd file
> and accidently left out the "real life" name field.
> The "null" entries followed the bad passwd entry.
> Running "/usr/ucb/chfn" caused the null entries to
> appear. With "chfn" disabled, we still got them, so
> there must be another program which handles missing
> fields with the same lack of grace. The problem
> went away, of course, when we added the missing field.
> Hope this helps someone else with the same symptom.

That's caused by a bug in getpwent() that I had hoped had been fixed
in 4.2.  Oh well.  Problem is caused whenever someone (manually,
with an editor) miscounts the number of ':' chars in a line in
/etc/passwd.  From then on, any of the programs that copy passwd
and create a new version (passwd, chsh, chfn) will create lots of
those annoying colon and zero lines.  Its a cancer, the only way
to rid your passwd file of it is to completely delete all those lines
and correct the line with the missing ':'.  If you don't do both
of those the problem will simply reappear, and grow continually.
(Notice that each of those lines has incorrect numbers of ':' chars
so each of them will cause more crap).

To the best of my knowledge, this bug exists on all unix versions,
its certainly been around ever since getpwent() appeared.  I haven't
looked at sys III or sys V though, so perhaps its fixed there.

The cause of the problem is that pwskip() allows \n to become
part of the field returned.  None of the programs that write
passwd files check for \n in the gecos, or name, or dir fields,
they just write it ...

Fix is to change the line

	while (*p && *p != ':')

in pwskip() (which is in getpwent.c) to be

	while (*p && *p != ':' && *p != '\n')

Then \n's won't ever make it into fields of passwd structs, and
broken passwd file lines won't be cancerous any more.  Of course,
cancer is often easier to spot than a simple disease ...

Robert Elz				decvax!mulga!kre

ps:  this was originally found & fixed here in an early 32v system,
by Richard Miller, now hcr!miller or something like that.

More information about the Comp.bugs.4bsd.ucb-fixes mailing list