Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-user-manager / d9adc73a09cc17253ed8774dd72362ba5083d578^! / .
commitd9adc73a09cc17253ed8774dd72362ba5083d578[log] [tgz]
authornichanghao.nch <nichanghao@linux.alibaba.com>Wed Jan 17 20:24:17 2024 +0800
committerKwin Wang <wangkuiying.wky@alibaba-inc.com>Tue Feb 20 10:52:54 2024 +0800
tree0c8b044527f056b087f9dd245fc047cc86144ccb
parent90b84ad9d6cfe44daae2d9cfbbdb9bd616e4c814 [diff]
BugFix: user name contains invalid characters

There is an typo in the policy "[a-zA-z_]" configuration.
It it should be "[a-zA-Z_]"
BTW: Group name has the same issue, fix it by the way.

Tested: Create a username contains invalid characters like: ^, [, or ].

Before: invalid character can be added as username
ipmitool user list 1
ID  Name      Callin
4   ^test     true
5   [test     true
7   ]test     true
8   _test     true

After: error will be returned once user name has invalid character.
ipmitool user set name 4 ^test4
Set User Name command failed (user 4, name ^test4): Unspecified error

UnitTest is added.

Change-Id: I86b062faea84906dde7cf37a0d51631d78526cb1
Signed-off-by: nichanghao.nch <nichanghao@linux.alibaba.com>
Signed-off-by: Kwin Wang <wangkuiying.wky@alibaba-inc.com>

diff --git a/test/user_mgr_test.cpp b/test/user_mgr_test.cpp
index 85a8b0a..94120ff 100644
--- a/test/user_mgr_test.cpp
+++ b/test/user_mgr_test.cpp

@@ -564,9 +564,13 @@
        ThrowForUserNameConstraintsRegexMismatchThrowsInvalidArgument)
 {
     std::string startWithNumber = "0ABC";
+    std::string startWithDisallowedCharacter = "[test";
     EXPECT_THROW(
         throwForUserNameConstraints(startWithNumber, {"ipmi"}),
         sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument);
+    EXPECT_THROW(
+        throwForUserNameConstraints(startWithDisallowedCharacter, {"ipmi"}),
+        sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument);
 }
 
 TEST_F(UserMgrInTest, UserAddNotRootFailedWithInternalFailure)

diff --git a/user_mgr.cpp b/user_mgr.cpp
index 4f49925..08cc772 100644
--- a/user_mgr.cpp
+++ b/user_mgr.cpp

@@ -208,7 +208,7 @@
 {
     if (groupName.size() > maxSystemGroupNameLength ||
         !std::regex_match(groupName.c_str(),
-                          std::regex("[a-zA-z_][a-zA-Z_0-9]*")))
+                          std::regex("[a-zA-Z_][a-zA-Z_0-9]*")))
     {
         lg2::error("Invalid group name '{GROUP}'", "GROUP", groupName);
         elog<InvalidArgument>(Argument::ARGUMENT_NAME("Group Name"),
@@ -253,7 +253,7 @@
                               Argument::ARGUMENT_VALUE("Invalid length"));
     }
     if (!std::regex_match(userName.c_str(),
-                          std::regex("[a-zA-z_][a-zA-Z_0-9]*")))
+                          std::regex("[a-zA-Z_][a-zA-Z_0-9]*")))
     {
         lg2::error("Invalid username '{USERNAME}'", "USERNAME", userName);
         elog<InvalidArgument>(Argument::ARGUMENT_NAME("User name"),