forked from pool/shadow
60780ba34c
* Newgrp: avoid unnecessary lookups * Make language less binary * Add error when turning off man switch * Spelling fixes * Make userdel work with -R * newgidmap: enforce setgroups=deny if self-mapping a group * Norwegian bokmål translation * pwck: prevent crash by not passing O_CREAT * WITH_TCB fixes from Mandriva * Fix pwconv and grpconv entry skips * Fix -- slurping in su * add --prefix option - Remove CVE-2018-7169.patch: upstreamed - Remove shadow-4.1.5.1-pam_group.patch: upstreamed - Update userdel-script.patch: change due to prefix - Update useradd-mkdirs.patch: change due to prefix Additionally changed in that patch: * Test for strdup() failure * Directory to 0755 instead 0777 - Add shadow-4.6.0-fix-usermod-prefix-crash.patch: Fixes crash in usermod when called with --prefix. See https://github.com/shadow-maint/shadow/issues/110 OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=52
87 lines
2.7 KiB
Diff
87 lines
2.7 KiB
Diff
Bug: https://github.com/shadow-maint/shadow/issues/110
|
|
Containing following two fixes.
|
|
|
|
From 73a876a05612c278da747faeaeea40c3b8d34a53 Mon Sep 17 00:00:00 2001
|
|
From: fariouche <fariouche@yahoo.fr>
|
|
Date: Tue, 8 May 2018 21:17:46 -0500
|
|
Subject: [PATCH 1/2] Fix usermod crash
|
|
|
|
Return newly allocated pointers when the caller will free them.
|
|
|
|
Closes #110
|
|
---
|
|
libmisc/prefix_flag.c | 2 +-
|
|
src/usermod.c | 10 ++++++----
|
|
2 files changed, 7 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/libmisc/prefix_flag.c b/libmisc/prefix_flag.c
|
|
index 6581235e..8ceffd26 100644
|
|
--- a/libmisc/prefix_flag.c
|
|
+++ b/libmisc/prefix_flag.c
|
|
@@ -333,7 +333,7 @@ extern struct group *prefix_getgr_nam_gid(const char *grname)
|
|
&& (gid == (gid_t)gid)) {
|
|
return prefix_getgrgid ((gid_t) gid);
|
|
}
|
|
- return prefix_getgrnam (grname);
|
|
+ return __gr_dup(prefix_getgrnam (grname));
|
|
}
|
|
else
|
|
return getgr_nam_gid(grname);
|
|
diff --git a/src/usermod.c b/src/usermod.c
|
|
index e571426f..7355ad31 100644
|
|
--- a/src/usermod.c
|
|
+++ b/src/usermod.c
|
|
@@ -1251,11 +1251,13 @@ static void process_flags (int argc, char **argv)
|
|
prefix_user_home = xmalloc(len);
|
|
wlen = snprintf(prefix_user_home, len, "%s/%s", prefix, user_home);
|
|
assert (wlen == (int) len -1);
|
|
+ if (user_newhome) {
|
|
+ len = strlen(prefix) + strlen(user_newhome) + 2;
|
|
+ prefix_user_newhome = xmalloc(len);
|
|
+ wlen = snprintf(prefix_user_newhome, len, "%s/%s", prefix, user_newhome);
|
|
+ assert (wlen == (int) len -1);
|
|
+ }
|
|
|
|
- len = strlen(prefix) + strlen(user_newhome) + 2;
|
|
- prefix_user_newhome = xmalloc(len);
|
|
- wlen = snprintf(prefix_user_newhome, len, "%s/%s", prefix, user_newhome);
|
|
- assert (wlen == (int) len -1);
|
|
}
|
|
else {
|
|
prefix_user_home = user_home;
|
|
|
|
From 48dcf7852e51b9d8e7926737cc7f7823978b7d7d Mon Sep 17 00:00:00 2001
|
|
From: Serge Hallyn <shallyn@cisco.com>
|
|
Date: Tue, 8 May 2018 21:37:55 -0500
|
|
Subject: [PATCH 2/2] usermod: prevent a segv
|
|
|
|
in the case where prefix does not exist.
|
|
|
|
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
|
|
---
|
|
libmisc/prefix_flag.c | 4 +++-
|
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/libmisc/prefix_flag.c b/libmisc/prefix_flag.c
|
|
index 8ceffd26..96b11faa 100644
|
|
--- a/libmisc/prefix_flag.c
|
|
+++ b/libmisc/prefix_flag.c
|
|
@@ -319,6 +319,7 @@ extern struct group *prefix_getgr_nam_gid(const char *grname)
|
|
{
|
|
long long int gid;
|
|
char *endptr;
|
|
+ struct group *g;
|
|
|
|
if (NULL == grname) {
|
|
return NULL;
|
|
@@ -333,7 +334,8 @@ extern struct group *prefix_getgr_nam_gid(const char *grname)
|
|
&& (gid == (gid_t)gid)) {
|
|
return prefix_getgrgid ((gid_t) gid);
|
|
}
|
|
- return __gr_dup(prefix_getgrnam (grname));
|
|
+ g = prefix_getgrnam (grname);
|
|
+ return g ? __gr_dup(g) : NULL;
|
|
}
|
|
else
|
|
return getgr_nam_gid(grname);
|