rpms/shadow-utils/FC-6 shadow-4.0.17-overflow.patch, NONE, 1.1 shadow-utils.spec, 1.87, 1.88

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Tue Nov 14 10:15:33 UTC 2006


Author: pvrabec

Update of /cvs/dist/rpms/shadow-utils/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv11354

Modified Files:
	shadow-utils.spec 
Added Files:
	shadow-4.0.17-overflow.patch 
Log Message:
- fix chpasswd and chgpasswd stack overflow (#213052)


shadow-4.0.17-overflow.patch:
 chgpasswd.c |    8 ++++++--
 chpasswd.c  |    8 ++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

--- NEW FILE shadow-4.0.17-overflow.patch ---
--- shadow-4.0.17/src/chpasswd.c.overflow	2006-11-08 11:09:32.000000000 +0100
+++ shadow-4.0.17/src/chpasswd.c	2006-11-08 13:13:15.000000000 +0100
@@ -239,9 +239,13 @@
 		newpwd = cp;
 		if (!eflg) {
 			if (md5flg) {
-				char salt[12] = "$1$";
+				char tmp[12];
+				char salt[15] = "\0";
 
-				strcat (salt, crypt_make_salt ());
+				strcpy( tmp, crypt_make_salt ());
+				if( !strncmp( tmp, "$1$", 3) )
+					strcat( salt, "$1$");
+				strcat( salt, tmp);
 				cp = pw_encrypt (newpwd, salt);
 			} else
 				cp = pw_encrypt (newpwd, crypt_make_salt ());
--- shadow-4.0.17/src/chgpasswd.c.overflow	2006-11-08 13:13:40.000000000 +0100
+++ shadow-4.0.17/src/chgpasswd.c	2006-11-08 13:17:24.000000000 +0100
@@ -243,9 +243,13 @@
 		newpwd = cp;
 		if (!eflg) {
 			if (md5flg) {
-				char salt[12] = "$1$";
+				char tmp[12];
+				char salt[15] = "\0";
 
-				strcat (salt, crypt_make_salt ());
+				strcpy( tmp, crypt_make_salt ());
+				if( !strncmp( tmp, "$1$", 3) )
+					strcat( salt, "$1$");
+				strcat( salt, tmp);
 				cp = pw_encrypt (newpwd, salt);
 			} else
 				cp = pw_encrypt (newpwd, crypt_make_salt ());


Index: shadow-utils.spec
===================================================================
RCS file: /cvs/dist/rpms/shadow-utils/FC-6/shadow-utils.spec,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- shadow-utils.spec	3 Nov 2006 15:23:28 -0000	1.87
+++ shadow-utils.spec	14 Nov 2006 10:15:30 -0000	1.88
@@ -5,7 +5,7 @@
 Summary: Utilities for managing accounts and shadow password files.
 Name: shadow-utils
 Version: 4.0.17
-Release: 9%{?dist}
+Release: 10%{?dist}
 Epoch: 2
 URL: http://shadow.pld.org.pl/
 Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2
@@ -23,6 +23,7 @@
 Patch8: shadow-4.0.17-exitValues.patch
 Patch9: shadow-4.0.17-aOption.patch
 Patch10: shadow-4.0.17-auditLogging.patch
+Patch11: shadow-4.0.17-overflow.patch
 
 License: BSD
 Group: System Environment/Base
@@ -63,6 +64,7 @@
 %patch8 -p1 -b .exitValues
 %patch9 -p1 -b .aOption
 %patch10 -p1 -b .auditLogging
+%patch11 -p1 -b .overflow
 
 rm po/*.gmo
 rm po/stamp-po
@@ -217,6 +219,9 @@
 %{_mandir}/*/man8/faillog.8*
 
 %changelog
+* Tue Nov 14 2006 Peter Vrabec <pvrabec at redhat.com> 2:4.0.17-10
+- fix chpasswd and chgpasswd stack overflow (#213052)
+
 * Fri Nov 03 2006 Peter Vrabec <pvrabec at redhat.com> 2:4.0.17-9
 - improve audit logging (#211659)
 - improve "-l" option. Do not reset faillog if it's used (#213450).




More information about the fedora-cvs-commits mailing list