diff --git a/backport-src-passwd-add-overflow-check.patch b/backport-src-passwd-add-overflow-check.patch
new file mode 100644
index 0000000000000000000000000000000000000000..39ccd9a5b473e459fcd7afdb7115af36e9b438c1
--- /dev/null
+++ b/backport-src-passwd-add-overflow-check.patch
@@ -0,0 +1,32 @@
+From 2d188a9987789f019dae2d46c50578a474ab2bdd Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann
+Date: Wed, 20 Dec 2023 20:48:54 +0100
+Subject: [PATCH] src/passwd.c: Add overflow check
+
+Signed-off-by: Tobias Stoeckmann
+Link:
+Co-developed-by: Alejandro Colomar
+Signed-off-by: Alejandro Colomar
+
+Reference: https://github.com/shadow-maint/shadow/commit/2d188a9987789f019dae2d46c50578a474ab2bdd
+Conflict: NA
+---
+ src/passwd.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/passwd.c b/src/passwd.c
+index a24e62dfd..f494a9257 100644
+--- a/src/passwd.c
++++ b/src/passwd.c
+@@ -387,8 +387,9 @@ static void check_password (const struct passwd *pw, const struct spwd *sp)
+ long now, ok;
+ now = time(NULL) / DAY;
+ ok = sp->sp_lstchg;
+- if (sp->sp_min > 0) {
+- ok += sp->sp_min;
++ if ( (sp->sp_min > 0)
++ && __builtin_add_overflow(ok, sp->sp_min, &ok)) {
++ ok = LONG_MAX;
+ }
+
+ if (now < ok) {
diff --git a/backport-src-passwd.c-Switch-to-day-precision.patch b/backport-src-passwd.c-Switch-to-day-precision.patch
new file mode 100644
index 0000000000000000000000000000000000000000..989192e8bc50892ca14e7872dbfdc645fc9dec11
--- /dev/null
+++ b/backport-src-passwd.c-Switch-to-day-precision.patch
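Review bot: The new branch in the embedded src/passwd.c hunk assigns `ok = LONG_MAX;`, but the hunk adds no `#include <limits.h>`, so this backport compiles only if passwd.c in 4.9 already receives that macro through an existing header; that is not visible here and should be confirmed by building this exact tree. The embedded hunk is numbered at line 387, while the day-precision patch added in this same commit leaves the same lines near 434, so it would presumably apply with an offset rather than at the stated position; the context lines do match, but the "Conflict: NA" trailer should be read with that in mind. Saturating to LONG_MAX keeps `now < ok` true when sp_lstchg + sp_min overflows, so the minimum-age check fails closed, which is the behaviour worth stating in a one-line comment above the condition. check_password starts and ends outside the hunk.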
@@ -0,0 +1,61 @@
+From 3b5ba41d3e9dfc3bf058f0f31529c08201265241 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann
+Date: Thu, 14 Dec 2023 11:54:00 +0100
+Subject: [PATCH] src/passwd.c: Switch to day precision
+
+The size of time_t varies across systems, but since data type long is
+more than enough to calculate with days (precision of shadow file),
+use it instead.
+
+Just in case a shadow file contains huge values, check for a possible
+signed integer overflow.
+
+Signed-off-by: Tobias Stoeckmann
+Link:
+Signed-off-by: Alejandro Colomar
+
+Reference: https://github.com/shadow-maint/shadow/commit/3b5ba41d3e9dfc3bf058f0f31529c08201265241
+Conflict: src/chpasswd.c
+---
+ src/passwd.c | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/src/passwd.c b/src/passwd.c
+index 336bbc9..d79767a 100644
+--- a/src/passwd.c
++++ b/src/passwd.c
+@@ -390,7 +390,6 @@ static int new_password (const struct passwd *pw)
+ */
+ static void check_password (const struct passwd *pw, const struct spwd *sp)
+ {
+- time_t now;
+ int exp_status;
+
+ exp_status = isexpired (pw, sp);
+@@ -410,8 +409,6 @@ static void check_password (const struct passwd *pw, const struct spwd *sp)
+ return;
+ }
+
+- (void) time (&now);
+-
+ /*
+ * Expired accounts cannot be changed ever. Passwords which are
+ * locked may not be changed. Passwords where min > max may not be
+@@ -434,10 +431,11 @@ static void check_password (const struct passwd *pw, const struct spwd *sp)
+ * Passwords may only be changed after sp_min time is up.
+ */
+ if (sp->sp_lstchg > 0) {
+- time_t ok;
+- ok = (time_t) sp->sp_lstchg * SCALE;
++ long now, ok;
++ now = time(NULL) / DAY;
++ ok = sp->sp_lstchg;
+ if (sp->sp_min > 0) {
+- ok += sp->sp_min;
++ ok += sp->sp_min;
+ }
+
+ if (now < ok) {
+--
+2.33.0
+
diff --git a/shadow.spec b/shadow.spec
index 4d4fd418649222a3e143666608ed01c1bf04ceb8..5b3f6fe3eb08e7335ef7db22362d2e81ef76bd79 100644
--- a/shadow.spec
+++ b/shadow.spec
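Review bot: The last embedded hunk leaves `ok += sp->sp_min;` unchecked even though the commit message says a signed overflow check is made, so with this patch alone a huge sp_lstchg/sp_min pair read from the shadow file is undefined behaviour and may wrap `ok` negative, in which case `now < ok` is false and the minimum-age restriction is skipped. The guard only arrives with backport-src-passwd-add-overflow-check.patch, so the two entries must stay adjacent and in this order in shadow.spec (Patch79, then Patch80), and the changelog line would serve auditors better if it named both patches instead of "backport some patches". The "Conflict: src/chpasswd.c" trailer does not say what was dropped or adapted from the upstream commit; a sentence in the patch header stating it would let a reader confirm nothing security-relevant was lost. check_password continues outside the hunks.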
@@ -1,6 +1,6 @@ Name: shadow Version: 4.9 -Release: 13 +Release: 14 Epoch: 2 License: BSD and GPLv2+ Summary: Tools for managing accounts and shadow password files @@ -96,6 +96,8 @@ Patch75: backport-newgrp-fix-potential-string-injection.patch Patch76: shadow-Remove-encrypted-passwd-for-useradd-gr.patch Patch77: backport-shadow-userdel-add-the-adaptation-to-the-busybox-ps-.patch Patch78: backport-lib-btrfs-avoid-NULL-dereference.patch +Patch79: backport-src-passwd.c-Switch-to-day-precision.patch +Patch80: backport-src-passwd-add-overflow-check.patch BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel BuildRequires: libacl-devel, libattr-devel @@ -266,6 +268,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la %{_mandir}/*/* %changelog +* Sun Feb 18 2024 zhengxiaoxiao - 2:4.9-14 +- backport some patches + * Mon Nov 27 2023 wangqingsan - 2:4.9-13 - backport some patches