Release 4.14.3

Signed-off-by: Alejandro Colomar <alx@kernel.org>
lib/sgetgrent.c: fix null pointer dereference
2024-01-16 00:01:06 +01:00 · 2024-01-16 00:00:43 +01:00 · 2023-10-30 00:14:15 +01:00 · 2023-10-30 00:00:28 +01:00 · 2023-10-30 00:00:24 +01:00 · 2023-10-30 00:00:19 +01:00
9 changed files with 64 additions and 14 deletions
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ m4_define([libsubid_abi_major], 4)
 m4_define([libsubid_abi_minor], 0)
 m4_define([libsubid_abi_micro], 0)
 m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
-AC_INIT([shadow], [4.14.1], [pkg-shadow-devel@lists.alioth.debian.org], [],
+AC_INIT([shadow], [4.14.3], [pkg-shadow-devel@lists.alioth.debian.org], [],
 	[https://github.com/shadow-maint/shadow])
 AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
 AC_CONFIG_MACRO_DIRS([m4])
--- a/lib/btrfs.c
+++ b/lib/btrfs.c
@@ -39,7 +39,7 @@ static int run_btrfs_subvolume_cmd(const char *subcmd, const char *arg1, const c
 		NULL
 	};

-	if (access(cmd, X_OK)) {
+	if (!cmd || access(cmd, X_OK)) {
 		return 1;
 	}

--- a/lib/readpassphrase.h
+++ b/lib/readpassphrase.h
@@ -36,8 +36,12 @@
 #endif
 #include <sys/types.h>

-__BEGIN_DECLS
+#ifdef __cplusplus
+extern "C" {
+#endif
 char * readpassphrase(const char *, char *, size_t, int);
-__END_DECLS
+#ifdef __cplusplus
+}
+#endif

 #endif /* !LIBBSD_READPASSPHRASE_H */
--- a/lib/sgetgrent.c
+++ b/lib/sgetgrent.c
@@ -37,8 +37,8 @@
 static char **list (char *s)
 {
 	static char **members = NULL;
-	static int size = 0;	/* max members + 1 */
-	int i;
+	static size_t size = 0;	/* max members + 1 */
+	size_t i;

 	i = 0;
 	for (;;) {
@@ -47,8 +47,10 @@ static char **list (char *s)
 		if (i >= size) {
 			size = i + 100;	/* at least: i + 1 */
 			members = REALLOCF(members, size, char *);
-			if (!members)
+			if (!members) {
+				size = 0;
 				return NULL;
+			}
 		}
 		if (!s || s[0] == '\0')
 			break;
--- a/lib/utmp.c
+++ b/lib/utmp.c
@@ -368,17 +368,16 @@ int update_utmp (const char *user,
 	struct utmp *utent, *ut;

 	utent = get_current_utmp ();
-	if (utent == NULL) {
-		return -1;
-	}
-
 	ut = prepare_utmp  (user, tty, host, utent);

 	(void) setutmp  (ut);	/* make entry in the utmp & wtmp files */
-	free (utent);
+
+	if (utent != NULL) {
+		free (utent);
+	}
 	free (ut);

-	return 1;
+	return 0;
 }

 void record_failure(const char *failent_user,
--- a/man/chage.1.xml
+++ b/man/chage.1.xml
@@ -198,6 +198,21 @@
 	  </para>
 	</listitem>
      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-P</option>, <option>--prefix</option>&nbsp;<replaceable>PREFIX_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes to configuration files under the root filesystem
+	    found under the directory <replaceable>PREFIX_DIR</replaceable>.
+	    This option does not chroot and is intended for preparing a cross-compilation
+	    target.  Some limitations: NIS and LDAP users/groups are
+	    not verified.  PAM authentication is using the host files.
+	    No SELINUX support.
+	  </para>
+	</listitem>
+      </varlistentry>
      <varlistentry>
 	<term>
 	  <option>-W</option>, <option>--warndays</option>&nbsp;<replaceable>WARN_DAYS</replaceable>
--- a/man/chpasswd.8.xml
+++ b/man/chpasswd.8.xml
@@ -173,6 +173,21 @@
 	  </para>
 	</listitem>
      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-P</option>, <option>--prefix</option>&nbsp;<replaceable>PREFIX_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes to configuration files under the root filesystem
+	    found under the directory <replaceable>PREFIX_DIR</replaceable>.
+	    This option does not chroot and is intended for preparing a cross-compilation
+	    target.  Some limitations: NIS and LDAP users/groups are
+	    not verified.  PAM authentication is using the host files.
+	    No SELINUX support.
+	  </para>
+	</listitem>
+      </varlistentry>
      <varlistentry condition="sha_crypt">
 	<term>
 	  <option>-s</option>, <option>--sha-rounds</option>&nbsp;<replaceable>ROUNDS</replaceable>
--- a/man/passwd.1.xml
+++ b/man/passwd.1.xml
@@ -280,6 +280,21 @@
 	  </para>
 	</listitem>
      </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-P</option>, <option>--prefix</option>&nbsp;<replaceable>PREFIX_DIR</replaceable>
+	</term>
+	<listitem>
+	  <para>
+	    Apply changes to configuration files under the root filesystem
+	    found under the directory <replaceable>PREFIX_DIR</replaceable>.
+	    This option does not chroot and is intended for preparing a cross-compilation
+	    target.  Some limitations: NIS and LDAP users/groups are
+	    not verified.  PAM authentication is using the host files.
+	    No SELINUX support.
+	  </para>
+	</listitem>
+      </varlistentry>
      <varlistentry>
 	<term>
 	  <option>-S</option>, <option>--status</option>
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -2787,7 +2787,7 @@ int main (int argc, char **argv)
 		if (home_added) {
 			copy_tree (def_template, prefix_user_home, false, true,
 			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
-			copy_tree (def_usrtemplate, prefix_user_home, false, false,
+			copy_tree (def_usrtemplate, prefix_user_home, false, true,
 			           (uid_t)-1, user_id, (gid_t)-1, user_gid);
 		} else {
 			fprintf (stderr,
Author	SHA1	Message	Date
Alejandro Colomar	eae0b02796	Release 4.14.3 Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-01-16 00:01:06 +01:00
Samanta Navarro	1c6a1206bd	lib/sgetgrent.c: fix null pointer dereference If reallocation fails in function list, then reset the size to 0 again. Without the reset, the next call assumes that `members` points to a memory location with reserved space. Also use size_t instead of int for size to prevent signed integer overflows. The length of group lines is not limited. Fixes `45c0003e53` (4.14 release series) Proof of Concept: - Prepare a group file (one long group line and a shorter one, both with a list of users) $ echo -n "root:x:0:" > /tmp/uwu $ yes , \| tr -d '\n' \| dd of=/tmp/uwu bs=10 count=3145728 seek=1 conv=notrunc iflag=fullblock $ echo -e "\nbin:x:1:," >> /tmp/uwu - Run grpck with tight memory constraints $ ulimit -d 102400 $ grpck /tmp/uwu Segmentation fault (core dumped) Reviewed-by: Alejandro Colomar <alx@kernel.org> Signed-off-by: Samanta Navarro <ferivoz@riseup.net> Cherry-picked-from: `a9e07c0feb` ("lib/sgetgrent.c: fix null pointer dereference") Link: <https://github.com/shadow-maint/shadow/pull/904> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-01-16 00:00:43 +01:00
Alejandro Colomar	22656c36a2	Release 4.14.2 Link: <https://github.com/shadow-maint/shadow/pull/824> Reviewed-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2023-10-30 00:14:15 +01:00
Michael Vetter	11071522a2	man: document --prefix option in chage, chpasswd and passwd Support for `--prefix` was added in https://github.com/shadow-maint/shadow/pull/714 and is available since shadow 4.14.0. Close https://github.com/shadow-maint/shadow/issues/822 Cherry-picked-from: `01f6258df7` ("man: document --prefix option in chage, chpasswd and passwd") Link: <https://github.com/shadow-maint/shadow/pull/823> Suggested-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2023-10-30 00:00:28 +01:00
Johannes Segitz	909036d714	useradd: Set proper SELinux labels for def_usrtemplate Fixes: `74c17c716` ("Add support for skeleton files from /usr/etc/skel") Signed-off-by: Johannes Segitz <jsegitz@suse.com> Cherry-picked-from: `48aa12af31` Link: <https://github.com/shadow-maint/shadow/pull/812> Reviewed-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2023-10-30 00:00:24 +01:00
Iker Pedrosa	de50b39475	utmp: call prepare_utmp() even if utent is NULL update_utmp() should also return 0 when success. Fixes: `1f368e1c18` ("utmp: update `update_utmp()") Resolves: https://github.com/shadow-maint/shadow/issues/805 Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com> Cherry-picked-from: `5178f8c5af` Link: <https://github.com/shadow-maint/shadow/issues/805> Link: <https://github.com/shadow-maint/shadow/pull/808> Reviewed-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2023-10-30 00:00:19 +01:00
Christian Göttsche	b5c99ec30e	lib/btrfs: avoid NULL-dereference btrfs.c:42:13: warning: use of NULL 'cmd' where non-null expected [CWE-476] [-Wanalyzer-null-argument] Reviewed-by: Alejandro Colomar <alx@kernel.org> Cherry-picked-from: `54ab542887` Link: <https://github.com/shadow-maint/shadow/pull/770> Reviewed-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2023-10-30 00:00:15 +01:00
Heiko Becker	58b96645c9	Replace __{BEGIN,END}_DECLS with #ifdef __cplusplus Fixes the build with musl libc. Cherry-picked-from: `890f911e17` Link: <https://github.com/shadow-maint/shadow/pull/789> Reviewed-by: Michael Vetter <jubalh@iodoru.org> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2023-10-30 00:00:10 +01:00