From adca9f5e6ca4a11789559582e58a5e704093a08e Mon Sep 17 00:00:00 2001
From: wbi <william.billaud@orange.com>
Date: Thu, 16 Jan 2025 17:02:13 +0100
Subject: [PATCH 1/4] Fix crash in unix users plugins if GID or UID is empty

---
 dissect/target/plugins/os/unix/_os.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/dissect/target/plugins/os/unix/_os.py b/dissect/target/plugins/os/unix/_os.py
index 7b475deabd..87e26ba2a6 100644
--- a/dissect/target/plugins/os/unix/_os.py
+++ b/dissect/target/plugins/os/unix/_os.py
@@ -85,13 +85,12 @@ def users(self, sessions: bool = False) -> Iterator[UnixUserRecord]:
                     current_user = (pwent.get(0), pwent.get(5), pwent.get(6))
                     if current_user in seen_users:
                         continue
-
                     seen_users.add(current_user)
                     yield UnixUserRecord(
                         name=pwent.get(0),
                         passwd=pwent.get(1),
-                        uid=pwent.get(2),
-                        gid=pwent.get(3),
+                        uid=pwent.get(2) if pwent.get(2) != "" else None,
+                        gid=pwent.get(3) if pwent.get(3) != "" else None,
                         gecos=pwent.get(4),
                         home=posix_path(pwent.get(5)),
                         shell=pwent.get(6),

From 949337d2f0b8bb8fd809e80a3db5ca1023e7ee68 Mon Sep 17 00:00:00 2001
From: wbi <william.billaud@orange.com>
Date: Fri, 17 Jan 2025 08:46:32 +0100
Subject: [PATCH 2/4] FIX : ignore encoding error etc/passwd and add test

---
 dissect/target/plugins/os/unix/_os.py | 2 +-
 tests/conftest.py                     | 1 +
 tests/plugins/os/unix/test__os.py     | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/dissect/target/plugins/os/unix/_os.py b/dissect/target/plugins/os/unix/_os.py
index 87e26ba2a6..21459bbb1b 100644
--- a/dissect/target/plugins/os/unix/_os.py
+++ b/dissect/target/plugins/os/unix/_os.py
@@ -75,7 +75,7 @@ def users(self, sessions: bool = False) -> Iterator[UnixUserRecord]:
         # Yield users found in passwd files.
         for passwd_file in PASSWD_FILES:
             if (path := self.target.fs.path(passwd_file)).exists():
-                for line in path.open("rt"):
+                for line in path.open("rt", errors="backslashreplace"):
                     line = line.strip()
                     if not line or line.startswith("#"):
                         continue
diff --git a/tests/conftest.py b/tests/conftest.py
index 8cd7049fd6..6184dd70e9 100644
--- a/tests/conftest.py
+++ b/tests/conftest.py
@@ -441,6 +441,7 @@ def target_unix_users(target_unix: Target, fs_unix: Filesystem) -> Iterator[Targ
     passwd = """
     root:x:0:0:root:/root:/bin/bash
     user:x:1000:1000:user:/home/user:/bin/bash
+    +@ngtest:x:::::
     """
     fs_unix.map_file_fh("/etc/passwd", BytesIO(textwrap.dedent(passwd).encode()))
     yield target_unix
diff --git a/tests/plugins/os/unix/test__os.py b/tests/plugins/os/unix/test__os.py
index ffb3c917e1..2c04789f4b 100644
--- a/tests/plugins/os/unix/test__os.py
+++ b/tests/plugins/os/unix/test__os.py
@@ -134,7 +134,7 @@ def test_parse_hostname_string(
 def test_users(target_unix_users: Target) -> None:
     users = list(target_unix_users.users())
 
-    assert len(users) == 2
+    assert len(users) == 3
 
     assert users[0].name == "root"
     assert users[0].uid == 0

From a2b2ae028a4236b7f9b4778e2158565c86ade22f Mon Sep 17 00:00:00 2001
From: wbi-ocd <william.billaud@orangecyberdefense.com>
Date: Thu, 23 Jan 2025 09:11:42 +0100
Subject: [PATCH 3/4] Apply suggestions from code review

Co-authored-by: Stefan de Reuver <9864602+Horofic@users.noreply.github.com>
---
 dissect/target/plugins/os/unix/_os.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/dissect/target/plugins/os/unix/_os.py b/dissect/target/plugins/os/unix/_os.py
index 21459bbb1b..ecf7d855e6 100644
--- a/dissect/target/plugins/os/unix/_os.py
+++ b/dissect/target/plugins/os/unix/_os.py
@@ -75,7 +75,7 @@ def users(self, sessions: bool = False) -> Iterator[UnixUserRecord]:
         # Yield users found in passwd files.
         for passwd_file in PASSWD_FILES:
             if (path := self.target.fs.path(passwd_file)).exists():
-                for line in path.open("rt", errors="backslashreplace"):
+                for line in path.open("rt", errors="surrogateescape"):
                     line = line.strip()
                     if not line or line.startswith("#"):
                         continue
@@ -89,8 +89,8 @@ def users(self, sessions: bool = False) -> Iterator[UnixUserRecord]:
                     yield UnixUserRecord(
                         name=pwent.get(0),
                         passwd=pwent.get(1),
-                        uid=pwent.get(2) if pwent.get(2) != "" else None,
-                        gid=pwent.get(3) if pwent.get(3) != "" else None,
+                        uid=pwent.get(2) or None,
+                        gid=pwent.get(3) or None,
                         gecos=pwent.get(4),
                         home=posix_path(pwent.get(5)),
                         shell=pwent.get(6),

From 378d60ce4125a8c2f460842e2943968e7ec69aec Mon Sep 17 00:00:00 2001
From: wbi <william.billaud@orange.com>
Date: Thu, 23 Jan 2025 09:19:26 +0100
Subject: [PATCH 4/4] ADD test for unix user plugin

---
 tests/plugins/os/unix/test__os.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/tests/plugins/os/unix/test__os.py b/tests/plugins/os/unix/test__os.py
index 2c04789f4b..edf66d4260 100644
--- a/tests/plugins/os/unix/test__os.py
+++ b/tests/plugins/os/unix/test__os.py
@@ -148,6 +148,12 @@ def test_users(target_unix_users: Target) -> None:
     assert users[1].home == posix_path("/home/user")
     assert users[1].shell == "/bin/bash"
 
+    assert users[2].name == "+@ngtest"
+    assert users[2].uid is None
+    assert users[2].gid is None
+    assert users[2].home == posix_path("")
+    assert users[2].shell == ""
+
 
 @pytest.mark.parametrize(
     "expected_arch, elf_buf",