From 05a6a754e645ca1dfccc348a3ad696b2309126c4 Mon Sep 17 00:00:00 2001 From: yixiangzhike Date: Tue, 11 Mar 2025 15:10:16 +0800 Subject: [PATCH] Backport patches from upstream (cherry picked from commit d17aaba7b3ca21109a31dd3c28cff326adc7d5bf) --- ...-encrypt.c-Do-not-exit-in-error-case.patch | 38 +++++++++++++++++++ ...gpasswd-Clear-password-in-more-cases.patch | 35 +++++++++++++++++ ...useradd.c-get_groups-Fix-memory-leak.patch | 32 ++++++++++++++++ shadow.spec | 8 +++- 4 files changed, 112 insertions(+), 1 deletion(-) create mode 100644 backport-lib-encrypt.c-Do-not-exit-in-error-case.patch create mode 100644 backport-src-gpasswd-Clear-password-in-more-cases.patch create mode 100644 backport-src-useradd.c-get_groups-Fix-memory-leak.patch diff --git a/backport-lib-encrypt.c-Do-not-exit-in-error-case.patch b/backport-lib-encrypt.c-Do-not-exit-in-error-case.patch new file mode 100644 index 0000000..2230291 --- /dev/null +++ b/backport-lib-encrypt.c-Do-not-exit-in-error-case.patch @@ -0,0 +1,38 @@ +From 6cbce81df97a16363c46cbd1e8202c3b4f0a2205 Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Sun, 19 Jan 2025 21:23:54 +0100 +Subject: [PATCH] lib/encrypt.c: Do not exit in error case + +If crypt fails, pw_encrypt calls exit. This has the consequence that the +plaintext password is not cleared. + +A valid password can fail if the underlying library does not support it. +One such example is SHA512, for which the password must not be longer +than 256 characters on musl. A password longer than this with glibc +works, so it is actually possible that a user, running passwd, tries to +enter the old password but the musl-based passwd binary simply exits. +Let passwd clear the password before exiting. + +Reviewed-by: Alejandro Colomar +Signed-off-by: Tobias Stoeckmann +--- + lib/encrypt.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/encrypt.c b/lib/encrypt.c +index c84a2552..9c1cb406 100644 +--- a/lib/encrypt.c ++++ b/lib/encrypt.c +@@ -65,7 +65,8 @@ + (void) fprintf (shadow_logfd, + _("crypt method not supported by libcrypt? (%s)\n"), + method); +- exit (EXIT_FAILURE); ++ errno = EINVAL; ++ return NULL; + } + + if (strlen (cp) != 13) { +-- +2.33.0 + diff --git a/backport-src-gpasswd-Clear-password-in-more-cases.patch b/backport-src-gpasswd-Clear-password-in-more-cases.patch new file mode 100644 index 0000000..94f8ce9 --- /dev/null +++ b/backport-src-gpasswd-Clear-password-in-more-cases.patch @@ -0,0 +1,35 @@ +From 6b4bbbeecd676c9423f82658bb3a8f6990218e8d Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Sun, 19 Jan 2025 21:27:50 +0100 +Subject: [PATCH] src/gpasswd: Clear password in more cases + +If encryption of password fails, clear the memory before exiting. + +Reviewed-by: Alejandro Colomar +Signed-off-by: Tobias Stoeckmann +--- + src/gpasswd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/gpasswd.c b/src/gpasswd.c +index 560b0ea7..e9e111a9 100644 +--- a/src/gpasswd.c ++++ b/src/gpasswd.c +@@ -864,13 +864,13 @@ static void change_passwd (struct group *gr) + + salt = crypt_make_salt (NULL, NULL); + cp = pw_encrypt (pass, salt); ++ memzero (pass, sizeof pass); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + exit (1); + } +- memzero (pass, sizeof pass); + #ifdef SHADOWGRP + if (is_shadowgrp) { + gr->gr_passwd = SHADOW_PASSWD_STRING; +-- +2.33.0 + diff --git a/backport-src-useradd.c-get_groups-Fix-memory-leak.patch b/backport-src-useradd.c-get_groups-Fix-memory-leak.patch new file mode 100644 index 0000000..c411118 --- /dev/null +++ b/backport-src-useradd.c-get_groups-Fix-memory-leak.patch @@ -0,0 +1,32 @@ +From feead2f639506d49cef9dde385eb56cd3413ecf0 Mon Sep 17 00:00:00 2001 +From: sgakerru +Date: Sat, 19 Oct 2024 13:26:44 +0400 +Subject: [PATCH] src/useradd.c: get_groups(): Fix memory leak + +--- + src/useradd.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/src/useradd.c b/src/useradd.c +index 64e7a412..bd3b0624 100644 +--- a/src/useradd.c ++++ b/src/useradd.c +@@ -760,6 +760,15 @@ static int get_groups (char *list) + int errors = 0; + int ngroups = 0; + ++ /* ++ * Free previous group list before creating a new one. ++ */ ++ int i = 0; ++ while (NULL != user_groups[i]) { ++ free(user_groups[i]); ++ user_groups[i++] = NULL; ++ } ++ + if ('\0' == *list) { + return 0; + } +-- +2.33.0 + diff --git a/shadow.spec b/shadow.spec index 33068b7..719678a 100644 --- a/shadow.spec +++ b/shadow.spec @@ -1,6 +1,6 @@ Name: shadow Version: 4.14.3 -Release: 6 +Release: 7 Epoch: 2 License: BSD and GPLv2+ Summary: Tools for managing accounts and shadow password files @@ -24,6 +24,9 @@ Patch4: backport-lib-idmapping.c--Use-long-constants-in-prctl-2.patch Patch5: backport-man-lastlog-remove-wrong-use-of-keyword-term.patch Patch6: backport-lib-csrand.c-Fix-the-lower-part-of-the-domain-of-csr.patch Patch7: limit-username-length-to-32.patch +Patch8: backport-src-useradd.c-get_groups-Fix-memory-leak.patch +Patch9: backport-src-gpasswd-Clear-password-in-more-cases.patch +Patch10: backport-lib-encrypt.c-Do-not-exit-in-error-case.patch BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel BuildRequires: libacl-devel, libattr-devel @@ -193,6 +196,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.{la,a} %{_mandir}/*/* %changelog +* Tue Mar 11 2025 yixiangzhike - 2:4.14.3-7 +- backport patches from upstream + * Sat Feb 8 2025 hugel - 2:4.14.3-6 - limit username length to 32 -- Gitee