diff --git a/backport-Add-header-guards.patch b/backport-Add-header-guards.patch new file mode 100644 index 0000000000000000000000000000000000000000..9312fc46b2709d084a2d2b95a3f0b452ecb26833 --- /dev/null +++ b/backport-Add-header-guards.patch @@ -0,0 +1,48 @@ +From 0c7ded471fdd2a130edfb265279663c68cfd2a3c Mon Sep 17 00:00:00 2001 +From: Iker Pedrosa +Date: Tue, 10 May 2022 15:26:15 +0200 +Subject: [PATCH] Add header guards + +Signed-off-by: Iker Pedrosa + +Reference: https://github.com/shadow-maint/shadow/commit/0c7ded471fdd2a130edfb265279663c68cfd2a3c +Conflict: shadowlog_internal.h is not currently available, and run_part.h is adapted +--- + lib/pwauth.h | 5 +++++ + lib/run_part.h | 5 +++++ + 2 files changed, 10 insertions(+) + +diff --git a/lib/pwauth.h b/lib/pwauth.h +index fb205b71..b610025d 100644 +--- a/lib/pwauth.h ++++ b/lib/pwauth.h +@@ -34,6 +34,9 @@ + * $Id$ + */ + ++#ifndef _PWAUTH_H ++#define _PWAUTH_H ++ + #ifndef USE_PAM + int pw_auth (const char *cipher, + const char *user, +@@ -64,3 +67,5 @@ int pw_auth (const char *cipher, + #define PW_RLOGIN 202 + #define PW_FTP 203 + #define PW_REXEC 204 ++ ++#endif /* _PWAUTH_H */ +diff --git a/lib/run_part.h b/lib/run_part.h +index 0b68dbfc..6422134c 100644 +--- a/lib/run_part.h ++++ b/lib/run_part.h +@@ -1,2 +1,7 @@ ++#ifndef _RUN_PART_H ++#define _RUN_PART_H ++ + int run_part (char *script_path, char *name, char *action); + int run_parts (char *directory, char *name, char *action); ++ ++#endif /* _RUN_PART_H */ +-- +2.23.0 diff --git a/backport-Change-to-strncat.patch b/backport-Change-to-strncat.patch new file mode 100644 index 0000000000000000000000000000000000000000..f41f517555711219bd56709eb6ad29fd50013858 --- /dev/null +++ b/backport-Change-to-strncat.patch @@ -0,0 +1,29 @@ +From 9560152f1bdae02b072b54ea65d1e686ebd46e5f Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Fri, 18 Mar 2022 15:35:02 -0400 +Subject: [PATCH] Change to strncat + +ut_line is declared as a nonstring in bits/utmp.h. It might not be NUL +terminated. Limit how much it copies to the size of the array. + +Reference: https://github.com/shadow-maint/shadow/commit/4f393a5f9fd9168c91225ae1b39843fc90372c74 +Conflict: NA +--- + src/logoutd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/logoutd.c b/src/logoutd.c +index 780c29f..06c12c6 100644 +--- a/src/logoutd.c ++++ b/src/logoutd.c +@@ -250,7 +250,7 @@ int main (int argc, char **argv) + tty_name[0] = '\0'; + } + +- strcat (tty_name, ut->ut_line); ++ strncat (tty_name, ut->ut_line, UT_LINESIZE); + #ifndef O_NOCTTY + #define O_NOCTTY 0 + #endif +-- +2.33.0 diff --git a/backport-Do-not-return-garbage-in-run_parts.patch b/backport-Do-not-return-garbage-in-run_parts.patch new file mode 100644 index 0000000000000000000000000000000000000000..bd68e8672d5ed77c1940635ed137a5ceca79ebc1 --- /dev/null +++ b/backport-Do-not-return-garbage-in-run_parts.patch @@ -0,0 +1,31 @@ +From b2bc1f692736debf3ba94872db73435d114d19ec Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 3 Jan 2022 13:12:31 +0100 +Subject: [PATCH] Do not return garbage in run_parts + +If scandir(3) returns 0, the uninitialized value of execute_result will +be returned. + +Reference: https://github.com/shadow-maint/shadow/commit/b2bc1f692736debf3ba94872db73435d114d19ec +Conflict: NA + +--- + lib/run_part.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/run_part.c b/lib/run_part.c +index 884bbefa..1e4f154b 100644 +--- a/lib/run_part.c ++++ b/lib/run_part.c +@@ -48,7 +48,7 @@ int run_parts (const char *directory, const char *name, const char *action) + int execute_result; + + scanlist = scandir (directory, &namelist, 0, alphasort); +- if (scanlist<0) { ++ if (scanlist<=0) { + return (0); + } + +-- +2.27.0 + diff --git a/backport-Handle-ERANGE-error-correctly.patch b/backport-Handle-ERANGE-error-correctly.patch new file mode 100644 index 0000000000000000000000000000000000000000..d5e1f2abf5d0a300df1680d7d945d77ee5035605 --- /dev/null +++ b/backport-Handle-ERANGE-error-correctly.patch @@ -0,0 +1,38 @@ +From e9bf727253e13968c4c61d71f4725e668cd49881 Mon Sep 17 00:00:00 2001 +From: Niko <2089413+NikoDelarich@users.noreply.github.com> +Date: Tue, 1 Mar 2022 14:43:07 +0100 +Subject: [PATCH] Handle ERANGE error correctly + +The reentrant functions getgrgid_r, getgrnam_r, getpwnam_r, etc. all return an error code instead of setting errno. Adapt the error check accordingly. + +Reference: https://github.com/shadow-maint/shadow/commit/e9bf727253e13968c4c61d71f4725e668cd49881 +Conflict: NA + +--- + libmisc/xgetXXbyYY.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/libmisc/xgetXXbyYY.c b/libmisc/xgetXXbyYY.c +index db010224..6a3f9693 100644 +--- a/libmisc/xgetXXbyYY.c ++++ b/libmisc/xgetXXbyYY.c +@@ -66,7 +66,6 @@ + "x" STRINGIZE(FUNCTION_NAME)); + exit (13); + } +- errno = 0; + status = REENTRANT_NAME(ARG_NAME, result, buffer, + length, &resbuf); + if ((0 == status) && (resbuf == result)) { +@@ -78,7 +77,7 @@ + return ret_result; + } + +- if (ERANGE != errno) { ++ if (ERANGE != status) { + free (buffer); + free (result); + return NULL; +-- +2.27.0 + diff --git a/backport-Initialize-local-variables.patch b/backport-Initialize-local-variables.patch new file mode 100644 index 0000000000000000000000000000000000000000..f225025396ee3bf7514a727629a8981b0d447280 --- /dev/null +++ b/backport-Initialize-local-variables.patch @@ -0,0 +1,89 @@ +From 3b89b71680b2eb46135439e0a7760dbe040628e5 Mon Sep 17 00:00:00 2001 +From: Iker Pedrosa +Date: Mon, 16 May 2022 17:24:58 +0200 +Subject: [PATCH] Initialize local variables + +CWE-457 by CodeQL. + +Signed-off-by: Iker Pedrosa + +Reference: https://github.com/shadow-maint/shadow/commit/3b89b71680b2eb46135439e0a7760dbe040628e5 +Conflict: The number of lines is inconsistent and there is a little difference in adaptation + +--- + lib/run_part.c | 2 +- + src/faillog.c | 4 ++-- + src/lastlog.c | 21 ++++++++++----------- + 3 files changed, 13 insertions(+), 14 deletions(-) + +diff --git a/lib/run_part.c b/lib/run_part.c +index 1e4f154b..bce11d37 100644 +--- a/lib/run_part.c ++++ b/lib/run_part.c +@@ -43,7 +43,7 @@ int run_parts (char *directory, char *name, char *action) + struct dirent **namelist; + int scanlist; + int n; +- int execute_result; ++ int execute_result = 0; + + scanlist = scandir (directory, &namelist, 0, alphasort); + if (scanlist<=0) { +diff --git a/src/faillog.c b/src/faillog.c +index d33fe9b6..0f94836f 100644 +--- a/src/faillog.c ++++ b/src/faillog.c +@@ -565,9 +565,9 @@ static void set_locktime (long locktime) + + int main (int argc, char **argv) + { +- long fail_locktime; ++ long fail_locktime = 0; + short fail_max = 0; // initialize to silence compiler warning +- long days; ++ long days = 0; + + /* + * Get the program name. The program name is used as a prefix to +diff --git a/src/lastlog.c b/src/lastlog.c +index 3c0fc9c6..0d4b5fd2 100644 +--- a/src/lastlog.c ++++ b/src/lastlog.c +@@ -114,7 +114,16 @@ static void print_one (/*@null@*/const struct passwd *pw) + #endif + + #ifdef HAVE_LL_HOST +- int maxIPv6Addrlen; ++ /* ++ * ll_host is in minimized form, thus the maximum IPv6 address possible is ++ * 8*4+7 = 39 characters. ++ * RFC 4291 2.5.6 states that for LL-addresses fe80+only the interface ID is set, ++ * thus having a maximum size of 25+1+IFNAMSIZ. ++ * POSIX says IFNAMSIZ should be 16 characters long including the null byte, thus ++ * 25+1+IFNAMSIZ >= 42 > 39 ++ */ ++ /* Link-Local address + % + Interfacename */ ++ const int maxIPv6Addrlen = 25+1+IFNAMSIZ; + #endif + + if (NULL == pw) { +@@ -158,16 +167,6 @@ static void print_one (/*@null@*/const struct passwd *pw) + /* Print the header only once */ + if (!once) { + #ifdef HAVE_LL_HOST +- /* +- * ll_host is in minimized form, thus the maximum IPv6 address possible is +- * 8*4+7 = 39 characters. +- * RFC 4291 2.5.6 states that for LL-addresses fe80+only the interface ID is set, +- * thus having a maximum size of 25+1+IFNAMSIZ. +- * POSIX says IFNAMSIZ should be 16 characters long including the null byte, thus +- * 25+1+IFNAMSIZ >= 42 > 39 +- */ +- /* Link-Local address + % + Interfacename */ +- maxIPv6Addrlen = 25+1+IFNAMSIZ; + printf (_("Username Port From%*sLatest\n"), maxIPv6Addrlen-3, " "); + #else + puts (_("Username Port Latest")); +-- +2.27.0 + diff --git a/backport-Remove-commented-out-code-and-FIXMEs.patch b/backport-Remove-commented-out-code-and-FIXMEs.patch new file mode 100644 index 0000000000000000000000000000000000000000..5b79af8c57a0751c75f7a6e95be90881c811c3ac --- /dev/null +++ b/backport-Remove-commented-out-code-and-FIXMEs.patch @@ -0,0 +1,79 @@ +From 0b51cde162322ad1c6d162be0bc1b97065ff25c8 Mon Sep 17 00:00:00 2001 +From: Iker Pedrosa +Date: Tue, 10 May 2022 15:01:21 +0200 +Subject: [PATCH] Remove commented out code and FIXMEs + +In order to remove some of the FIXMEs it was necessary to change the +code and call getulong() instead of getlong(). + +Signed-off-by: Iker Pedrosa + +Reference: https://github.com/shadow-maint/shadow/commit/0b51cde162322ad1c6d162be0bc1b97065ff25c8 +Conflict: NA + +--- + lib/getdef.c | 1 - + lib/sgetspent.c | 3 +-- + lib/shadow.c | 3 +-- + libmisc/salt.c | 3 ++- + 4 files changed, 4 insertions(+), 6 deletions(-) + +diff --git a/lib/getdef.c b/lib/getdef.c +index fbaea2e1..2e6022fa 100644 +--- a/lib/getdef.c ++++ b/lib/getdef.c +@@ -345,7 +345,6 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt) + } + + if (getulong (d->value, &val) == 0) { +- /* FIXME: we should have a getulong */ + fprintf (shadow_logfd, + _("configuration error - cannot parse %s value: '%s'"), + item, d->value); +diff --git a/lib/sgetspent.c b/lib/sgetspent.c +index a35b6759..cbadb7e6 100644 +--- a/lib/sgetspent.c ++++ b/lib/sgetspent.c +@@ -171,8 +171,7 @@ struct spwd *sgetspent (const char *string) + + if (fields[8][0] == '\0') { + spwd.sp_flag = SHADOW_SP_FLAG_UNSET; +- } else if (getlong (fields[8], &spwd.sp_flag) == 0) { +- /* FIXME: add a getulong function */ ++ } else if (getulong (fields[8], &spwd.sp_flag) == 0) { + return 0; + } + +diff --git a/lib/shadow.c b/lib/shadow.c +index 9e86b908..b628b657 100644 +--- a/lib/shadow.c ++++ b/lib/shadow.c +@@ -305,8 +305,7 @@ static struct spwd *my_sgetspent (const char *string) + if (fields[8][0] == '\0') { + spwd.sp_flag = SHADOW_SP_FLAG_UNSET; + } else { +- if (getlong (fields[8], &spwd.sp_flag) == 0) { +- /* FIXME: add a getulong function */ ++ if (getulong (fields[8], &spwd.sp_flag) == 0) { + #ifdef USE_NIS + if (nis_used) { + spwd.sp_flag = SHADOW_SP_FLAG_UNSET; +diff --git a/libmisc/salt.c b/libmisc/salt.c +index ebf162fc..450293d7 100644 +--- a/libmisc/salt.c ++++ b/libmisc/salt.c +@@ -341,9 +341,10 @@ static /*@observer@*/const unsigned long BCRYPT_get_salt_rounds (/*@null@*/int * + /* + * Use 19 as an upper bound for now, + * because musl doesn't allow rounds >= 20. ++ * If musl ever supports > 20 rounds, ++ * rounds should be set to B_ROUNDS_MAX. + */ + if (rounds > 19) { +- /* rounds = B_ROUNDS_MAX; */ + rounds = 19; + } + #endif /* USE_XCRYPT_GENSALT */ +-- +2.27.0 + diff --git a/backport-Remove-redeclared-variable.patch b/backport-Remove-redeclared-variable.patch new file mode 100644 index 0000000000000000000000000000000000000000..96f716d644fe84686c63d24d6b77432fa8bb0c9f --- /dev/null +++ b/backport-Remove-redeclared-variable.patch @@ -0,0 +1,31 @@ +From 23baa40d9d96743dd3377de0de8e422b7ec3ed94 Mon Sep 17 00:00:00 2001 +From: Iker Pedrosa +Date: Tue, 10 May 2022 13:23:07 +0200 +Subject: [PATCH] Remove redeclared variable + +No need to redeclare a variable with the same name and type. Just keep +the one with the biggest scope. + +Signed-off-by: Iker Pedrosa + +Reference: https://github.com/shadow-maint/shadow/commit/23baa40d9d96743dd3377de0de8e422b7ec3ed94 +Conflict: NA + +--- + src/vipw.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/vipw.c b/src/vipw.c +index 8c97f4bc..488a97d9 100644 +--- a/src/vipw.c ++++ b/src/vipw.c +@@ -293,7 +293,6 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) + /* use the system() call to invoke the editor so that it accepts + command line args in the EDITOR and VISUAL environment vars */ + char *buf; +- int status; + + /* Wait for parent to make us the foreground pgrp. */ + if (orig_pgrp != -1) { +-- +2.27.0 diff --git a/backport-libmisc-add-check-fopen-return-value-in-read_random_.patch b/backport-libmisc-add-check-fopen-return-value-in-read_random_.patch new file mode 100644 index 0000000000000000000000000000000000000000..7794c44c4d3f87109c4e7b84144180f81b7a30f3 --- /dev/null +++ b/backport-libmisc-add-check-fopen-return-value-in-read_random_.patch @@ -0,0 +1,33 @@ +From a43d0b95c44b2c36025452b772b9d4b251281e3e Mon Sep 17 00:00:00 2001 +From: juyin +Date: Wed, 30 Mar 2022 19:21:32 +0800 +Subject: [PATCH] libmisc: add check fopen return value in read_random_bytes() + +Returns null when fopen fails. Then, using fread with a null pointer will cause a segfault. + +Signed-off-by: Yan Zhu + +Reference: https://github.com/shadow-maint/shadow/commit/a43d0b95c44b2c36025452b772b9d4b251281e3e +Conflict: NA + +--- + libmisc/salt.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/libmisc/salt.c b/libmisc/salt.c +index f8ac5669..ebf162fc 100644 +--- a/libmisc/salt.c ++++ b/libmisc/salt.c +@@ -175,6 +175,9 @@ static long read_random_bytes (void) + + #else + FILE *f = fopen ("/dev/urandom", "r"); ++ if (NULL == f) { ++ goto fail; ++ } + + if (fread (&randval, sizeof (randval), 1, f) != 1) { + fclose(f); +-- +2.27.0 + diff --git a/backport-passwd-erase-password-copy-on-all-error-branches.patch b/backport-passwd-erase-password-copy-on-all-error-branches.patch new file mode 100644 index 0000000000000000000000000000000000000000..166a37df7a51a6506de1dc51bdd28d051941e383 --- /dev/null +++ b/backport-passwd-erase-password-copy-on-all-error-branches.patch @@ -0,0 +1,35 @@ +From 58b6e97a9eef866e9e479fb781aaaf59fb11ef36 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Mon, 25 Apr 2022 12:17:40 +0200 +Subject: [PATCH] passwd: erase password copy on all error branches + +Reference: https://github.com/shadow-maint/shadow/commit/58b6e97a9eef866e9e479fb781aaaf59fb11ef36 +Conflict: NA + +--- + src/passwd.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/passwd.c b/src/passwd.c +index 80531ec6..8c6f81a9 100644 +--- a/src/passwd.c ++++ b/src/passwd.c +@@ -289,6 +289,7 @@ static int new_password (const struct passwd *pw) + cp = getpass (_("New password: ")); + if (NULL == cp) { + memzero (orig, sizeof orig); ++ memzero (pass, sizeof pass); + return -1; + } + if (warned && (strcmp (pass, cp) != 0)) { +@@ -316,6 +317,7 @@ static int new_password (const struct passwd *pw) + cp = getpass (_("Re-enter new password: ")); + if (NULL == cp) { + memzero (orig, sizeof orig); ++ memzero (pass, sizeof pass); + return -1; + } + if (strcmp (cp, pass) != 0) { +-- +2.27.0 + diff --git a/shadow.spec b/shadow.spec index bbd5854bec6e52014b245491a3cd8bd2c388169c..fc270a4f10f5a893b12e72c0d138719a5af2da46 100644 --- a/shadow.spec +++ b/shadow.spec @@ -1,6 +1,6 @@ Name: shadow Version: 4.9 -Release: 4 +Release: 5 Epoch: 2 License: BSD and GPLv2+ Summary: Tools for managing accounts and shadow password files @@ -39,6 +39,15 @@ Patch19: newgrp-fix-segmentation-fault.patch Patch20: groupdel-fix-SIGSEGV-when-passwd-does-not-exist.patch Patch21: backport-useradd-modify-check-ID-range-for-system-users.patch Patch22: shadow-add-sm3-crypt-support.patch +Patch23: backport-Add-header-guards.patch +Patch24: backport-Change-to-strncat.patch +Patch25: backport-Do-not-return-garbage-in-run_parts.patch +Patch26: backport-Handle-ERANGE-error-correctly.patch +Patch27: backport-Initialize-local-variables.patch +Patch28: backport-Remove-commented-out-code-and-FIXMEs.patch +Patch29: backport-Remove-redeclared-variable.patch +Patch30: backport-libmisc-add-check-fopen-return-value-in-read_random_.patch +Patch31: backport-passwd-erase-password-copy-on-all-error-branches.patch BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel BuildRequires: libacl-devel, libattr-devel @@ -205,6 +214,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la %{_mandir}/*/* %changelog +* Fri Oct 2 2022 zhengxiaoxiao - 2:4.9-5 +- add some backport + * Tue Aug 2 2022 zhengxiaoxiao - 2:4.9-4 - add-sm3-crypt-support.patch add update release to 4.9-4