Harden putpwent, putgrent, putspent, putspent against injection [BZ #18724]

This prevents injection of ':' and '\n' into output functions which
use the NSS files database syntax.  Critical fields (user/group names
and file system paths) are checked strictly.  For backwards
compatibility, the GECOS field is rewritten instead.

The getent program is adjusted to use the put*ent functions in libc,
instead of local copies.  This changes the behavior of getent if user
names start with '-' or '+'.

nss/valid_list_field.c

@@ -0,0 +1,35 @@
+/* Copyright (C) 2015 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <nss.h>
+#include <stdbool.h>
+#include <string.h>
+
+static const char invalid_characters[] = NSS_INVALID_FIELD_CHARACTERS ",";
+
+/* Check that all list members match the field syntax requirements and
+   do not contain the character ','.  */
+_Bool
+__nss_valid_list_field (char **list)
+{
+  if (list == NULL)
+    return true;
+  for (; *list != NULL; ++list)
+    if (strpbrk (*list, invalid_characters) != NULL)
+      return false;
+  return true;
+}