Release 4.14.7

Closes: <https://github.com/shadow-maint/shadow/issues/959> Signed-off-by: Alejandro Colomar <alx@kernel.org>
lib/copydir.c: copy_entry(): Use temporary stat buffer
2024-03-26 20:46:18 +01:00 · 2024-03-22 00:19:06 +01:00 · 2024-03-22 00:10:24 +01:00 · 2024-03-13 23:19:51 +01:00 · 2024-03-08 17:42:18 +01:00 · 2024-03-08 17:42:09 +01:00
44 changed files with 182 additions and 211 deletions
--- a/configure.ac
+++ b/configure.ac
@@ -4,7 +4,7 @@ m4_define([libsubid_abi_major], 4)
 m4_define([libsubid_abi_minor], 0)
 m4_define([libsubid_abi_micro], 0)
 m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
-AC_INIT([shadow], [4.14.6], [pkg-shadow-devel@lists.alioth.debian.org], [],
+AC_INIT([shadow], [4.14.7], [pkg-shadow-devel@lists.alioth.debian.org], [],
 	[https://github.com/shadow-maint/shadow])
 AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
 AC_CONFIG_MACRO_DIRS([m4])
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -53,6 +53,7 @@ libshadow_la_SOURCES = \
 	faillog.h \
 	failure.c \
 	failure.h \
+	fd.c \
 	fields.c \
 	find_new_gid.c \
 	find_new_uid.c \
--- a/lib/copydir.c
+++ b/lib/copydir.c
@@ -415,6 +415,7 @@ static int copy_entry (const struct path_info *src, const struct path_info *dst,
 {
 	int err = 0;
 	struct stat sb;
+	struct stat tmp_sb;
 	struct link_name *lp;
 	struct timespec mt[2];

@@ -436,7 +437,7 @@ static int copy_entry (const struct path_info *src, const struct path_info *dst,
 		 * If the destination already exists do nothing.
 		 * This is after the copy_dir above to still iterate into subdirectories.
 		 */
-		if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) {
+		if (fstatat(dst->dirfd, dst->name, &tmp_sb, AT_SYMLINK_NOFOLLOW) != -1) {
 			return 0;
 		}

--- a/lib/fd.c
+++ b/lib/fd.c
@@ -0,0 +1,41 @@
+// SPDX-FileCopyrightText: 2024, Skyler Ferrante <sjf5462@rit.edu>
+// SPDX-License-Identifier: BSD-3-Clause
+
+/**
+ * To protect against file descriptor omission attacks, we open the std file
+ * descriptors with /dev/null if they are not already open. Code is based on
+ * fix_fds from sudo.c.
+ */
+
+#include <fcntl.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "prototypes.h"
+
+static void check_fd(int fd);
+
+void
+check_fds(void)
+{
+	/**
+	 * Make sure stdin, stdout, stderr are open
+	 * If they are closed, set them to /dev/null
+	 */
+	check_fd(STDIN_FILENO);
+	check_fd(STDOUT_FILENO);
+	check_fd(STDERR_FILENO);
+}
+
+static void
+check_fd(int fd)
+{
+	int  devnull;
+
+	if (fcntl(fd, F_GETFL, 0) != -1)
+		return;
+
+	devnull = open("/dev/null", O_RDWR);
+	if (devnull != fd)
+		abort();
+}
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
@@ -127,6 +127,9 @@ extern void initenv (void);
 extern void set_env (int, char *const *);
 extern void sanitize_env (void);

+/* fd.c */
+extern void check_fds (void);
+
 /* fields.c */
 extern void change_field (char *, size_t, const char *);
 extern int valid_field (const char *, const char *);
--- a/man/po/fr.po
+++ b/man/po/fr.po
@@ -2610,7 +2610,7 @@ msgstr ""

 #: useradd.8.xml:641(para)
 msgid "Usernames may only be up to 32 characters long."
-msgstr "Les noms d'utilisateur sont limités à 16 caractères."
+msgstr "Les noms d'utilisateur sont limités à 32 caractères."

 #: useradd.8.xml:30(term) login.defs.5.xml:30(term)
 msgid "<option>CREATE_HOME</option> (boolean)"
--- a/src/chage.c
+++ b/src/chage.c
@@ -41,7 +41,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "chage";

 static bool
    dflg = false,		/* set last password change date */
@@ -511,7 +511,7 @@ static void check_perms (void)
 		exit (E_NOPERM);
 	}

-	retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
+	retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);

 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
@@ -762,14 +762,12 @@ int main (int argc, char **argv)
 	gid_t rgid;
 	const struct passwd *pw;

-	/*
-	 * Get the program name so that error messages can use it.
-	 */
-	Prog = Basename (argv[0]);
+	sanitize_env ();
+	check_fds ();
+
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

-	sanitize_env ();
 	(void) setlocale (LC_ALL, "");
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);
@@ -780,7 +778,7 @@ int main (int argc, char **argv)
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif
-	OPENLOG ("chage");
+	OPENLOG (Prog);

 	ruid = getuid ();
 	rgid = getgid ();
--- a/src/check_subid_range.c
+++ b/src/check_subid_range.c
@@ -18,14 +18,13 @@
 #include "idmapping.h"
 #include "shadowlog.h"

-const char *Prog;
+static const char Prog[] = "check_subid_range";

 int main(int argc, char **argv)
 {
 	char *owner;
 	unsigned long start, count;
 	bool check_uids;
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

--- a/src/chfn.c
+++ b/src/chfn.c
@@ -36,7 +36,7 @@
 /*
 * Global variables.
 */
-const char *Prog;
+static const char Prog[] = "chfn";
 static char fullnm[BUFSIZ];
 static char roomno[BUFSIZ];
 static char workph[BUFSIZ];
@@ -362,7 +362,7 @@ static void check_perms (const struct passwd *pw)
 	 * check if the change is allowed by SELinux policy.
 	 */
 	if ((pw->pw_uid != getuid ())
-	    && (check_selinux_permit ("chfn") != 0)) {
+	    && (check_selinux_permit (Prog) != 0)) {
 		fprintf (stderr, _("%s: Permission denied.\n"), Prog);
 		closelog ();
 		exit (E_NOPERM);
@@ -377,7 +377,7 @@ static void check_perms (const struct passwd *pw)
 	 * --marekm
 	 */
 	if (!amroot && getdef_bool ("CHFN_AUTH")) {
-		passwd_check (pw->pw_name, pw->pw_passwd, "chfn");
+		passwd_check (pw->pw_name, pw->pw_passwd, Prog);
 	}

 #else				/* !USE_PAM */
@@ -389,7 +389,7 @@ static void check_perms (const struct passwd *pw)
 		exit (E_NOPERM);
 	}

-	retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
+	retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);

 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
@@ -616,15 +616,12 @@ int main (int argc, char **argv)
 	char new_gecos[BUFSIZ];	/* buffer for new GECOS fields       */
 	char *user;

-	/*
-	 * Get the program name. The program name is used as a
-	 * prefix to most error messages.
-	 */
-	Prog = Basename (argv[0]);
+	sanitize_env ();
+	check_fds ();
+
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

-	sanitize_env ();
 	(void) setlocale (LC_ALL, "");
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);
@@ -637,7 +634,7 @@ int main (int argc, char **argv)
 	 */
 	amroot = (getuid () == 0);

-	OPENLOG ("chfn");
+	OPENLOG (Prog);

 	/* parse the command line options */
 	process_flags (argc, argv);
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@@ -36,7 +36,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "chgpasswd";
 static bool eflg   = false;
 static bool md5flg = false;
 #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -303,7 +303,7 @@ static void check_perms (void)
 		exit (1);
 	}

-	retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
+	retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);

 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
@@ -423,7 +423,6 @@ int main (int argc, char **argv)
 	int errors = 0;
 	int line = 0;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -441,7 +440,7 @@ int main (int argc, char **argv)

 	process_flags (argc, argv);

-	OPENLOG ("chgpasswd");
+	OPENLOG (Prog);

 	check_perms ();

--- a/src/chpasswd.c
+++ b/src/chpasswd.c
@@ -35,7 +35,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "chpasswd";
 static bool eflg   = false;
 static bool md5flg = false;
 #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -302,7 +302,7 @@ static void check_perms (void)
 		exit (1);
 	}

-	retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+	retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);

 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
@@ -450,7 +450,6 @@ int main (int argc, char **argv)
 	int errors = 0;
 	int line = 0;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -476,7 +475,7 @@ int main (int argc, char **argv)
 	}
 #endif				/* USE_PAM */

-	OPENLOG ("chpasswd");
+	OPENLOG (Prog);

 	check_perms ();

@@ -546,7 +545,7 @@ int main (int argc, char **argv)

 #ifdef USE_PAM
 		if (use_pam) {
-			if (do_pam_passwd_non_interactive ("chpasswd", name, newpwd) != 0) {
+			if (do_pam_passwd_non_interactive (Prog, name, newpwd) != 0) {
 				fprintf (stderr,
 				         _("%s: (line %d, user %s) password not changed\n"),
 				         Prog, line, name);
--- a/src/chsh.c
+++ b/src/chsh.c
@@ -45,7 +45,7 @@
 /*
 * Global variables
 */
-const char *Prog;		/* Program name */
+static const char Prog[] = "chsh";	/* Program name */
 static bool amroot;		/* Real UID is root */
 static char loginsh[BUFSIZ];	/* Name of new login shell */
 /* command line options */
@@ -320,7 +320,7 @@ static void check_perms (const struct passwd *pw)
 	 * check if the change is allowed by SELinux policy.
 	 */
 	if ((pw->pw_uid != getuid ())
-	    && (check_selinux_permit("chsh") != 0)) {
+	    && (check_selinux_permit(Prog) != 0)) {
 		SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
 		fprintf (stderr,
 		         _("You may not change the shell for '%s'.\n"),
@@ -337,7 +337,7 @@ static void check_perms (const struct passwd *pw)
 	 * chfn/chsh.  --marekm
 	 */
 	if (!amroot && getdef_bool ("CHSH_AUTH")) {
-		passwd_check (pw->pw_name, pw->pw_passwd, "chsh");
+		passwd_check (pw->pw_name, pw->pw_passwd, Prog);
        }

 #else				/* !USE_PAM */
@@ -349,7 +349,7 @@ static void check_perms (const struct passwd *pw)
 		exit (E_NOPERM);
 	}

-	retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
+	retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);

 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
@@ -473,12 +473,8 @@ int main (int argc, char **argv)
 	const struct passwd *pw;	/* Password entry from /etc/passwd   */

 	sanitize_env ();
+	check_fds ();

-	/*
-	 * Get the program name. The program name is used as a prefix to
-	 * most error messages.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -493,7 +489,7 @@ int main (int argc, char **argv)
 	 */
 	amroot = (getuid () == 0);

-	OPENLOG ("chsh");
+	OPENLOG (Prog);

 	/* parse the command line options */
 	process_flags (argc, argv);
--- a/src/expiry.c
+++ b/src/expiry.c
@@ -23,7 +23,7 @@
 #include "shadowlog.h"

 /* Global variables */
-const char *Prog;
+static const char Prog[] = "expiry";
 static bool cflg = false;

 /* local function prototypes */
@@ -123,12 +123,12 @@ int main (int argc, char **argv)
 	struct passwd *pwd;
 	struct spwd *spwd;

-	Prog = Basename (argv[0]);
+	sanitize_env ();
+	check_fds ();
+
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

-	sanitize_env ();
-
 	/*
 	 * Start by disabling all of the keyboard signals.
 	 */
@@ -145,7 +145,7 @@ int main (int argc, char **argv)
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);

-	OPENLOG ("expiry");
+	OPENLOG (Prog);

 	process_flags (argc, argv);

--- a/src/faillog.c
+++ b/src/faillog.c
@@ -39,7 +39,7 @@ static void reset (void);
 /*
 * Global variables
 */
-const char *Prog;		/* Program name */
+static const char Prog[] = "faillog";	/* Program name */
 static FILE *fail;		/* failure file stream */
 static time_t seconds;		/* that number of days in seconds */
 static unsigned long umin;	/* if uflg and has_umin, only display users with uid >= umin */
@@ -543,11 +543,6 @@ int main (int argc, char **argv)
 	short fail_max = 0; // initialize to silence compiler warning
 	long days = 0;

-	/*
-	 * Get the program name. The program name is used as a prefix to
-	 * most error messages.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

--- a/src/free_subid_range.c
+++ b/src/free_subid_range.c
@@ -9,7 +9,7 @@

 /* Test program for the subid freeing routine */

-const char *Prog;
+static const char Prog[] = "free_subid_range";

 static void usage(void)
 {
@@ -25,7 +25,6 @@ int main(int argc, char *argv[])
 	struct subordinate_range range;
 	bool group = false;   // get subuids by default

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);
 	while ((c = getopt(argc, argv, "g")) != EOF) {
--- a/src/get_subid_owners.c
+++ b/src/get_subid_owners.c
@@ -6,7 +6,7 @@
 #include "prototypes.h"
 #include "shadowlog.h"

-const char *Prog;
+static const char Prog[] = "get_subid_owners";

 static void usage(void)
 {
@@ -21,7 +21,6 @@ int main(int argc, char *argv[])
 	int i, n;
 	uid_t *uids;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);
 	if (argc < 2) {
--- a/src/getsubids.c
+++ b/src/getsubids.c
@@ -7,7 +7,7 @@
 #include "prototypes.h"
 #include "shadowlog.h"

-const char *Prog;
+static const char Prog[] = "getsubids";

 static void usage(void)
 {
@@ -23,7 +23,6 @@ int main(int argc, char *argv[])
 	struct subid_range *ranges;
 	const char *owner;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);
 	if (argc < 2)
--- a/src/gpasswd.c
+++ b/src/gpasswd.c
@@ -37,7 +37,7 @@
 * Global variables
 */
 /* The name of this command, as it is invoked */
-const char *Prog;
+static const char Prog[] = "gpasswd";

 #ifdef SHADOWGRP
 /* Indicate if shadow groups are enabled on the system
@@ -956,6 +956,8 @@ int main (int argc, char **argv)
 #endif

 	sanitize_env ();
+	check_fds ();
+
 	(void) setlocale (LC_ALL, "");
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);
@@ -968,11 +970,10 @@ int main (int argc, char **argv)
 	 * with this command.
 	 */
 	bywho = getuid ();
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

-	OPENLOG ("gpasswd");
+	OPENLOG (Prog);
 	setbuf (stdout, NULL);
 	setbuf (stderr, NULL);

--- a/src/groupadd.c
+++ b/src/groupadd.c
@@ -50,7 +50,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "groupadd";

 static /*@null@*/char *group_name;
 static gid_t group_id;
@@ -542,7 +542,7 @@ static void check_perms (void)
 		exit (1);
 	}

-	retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
+	retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);

 	if (PAM_SUCCESS == retval) {
 		retval = pam_authenticate (pamh, 0);
@@ -571,10 +571,6 @@ static void check_perms (void)
 */
 int main (int argc, char **argv)
 {
-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -585,7 +581,7 @@ int main (int argc, char **argv)
 	process_root_flag ("-R", argc, argv);
 	prefix = process_prefix_flag ("-P", argc, argv);

-	OPENLOG ("groupadd");
+	OPENLOG (Prog);
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif
@@ -605,7 +601,7 @@ int main (int argc, char **argv)
 	check_perms ();

 	if (run_parts ("/etc/shadow-maint/groupadd-pre.d", group_name,
-			"groupadd")) {
+			Prog)) {
 		exit(1);
 	}

@@ -628,7 +624,7 @@ int main (int argc, char **argv)
 	grp_update ();
 	close_files ();
 	if (run_parts ("/etc/shadow-maint/groupadd-post.d", group_name,
-			"groupadd")) {
+			Prog)) {
 		exit(1);
 	}

--- a/src/groupdel.c
+++ b/src/groupdel.c
@@ -36,7 +36,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "groupdel";

 static char *group_name;
 static gid_t group_id = -1;
@@ -349,10 +349,6 @@ int main (int argc, char **argv)
 #endif				/* USE_PAM */
 #endif				/* ACCT_TOOLS_SETUID */

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -363,7 +359,7 @@ int main (int argc, char **argv)
 	process_root_flag ("-R", argc, argv);
 	prefix = process_prefix_flag ("-P", argc, argv);

-	OPENLOG ("groupdel");
+	OPENLOG (Prog);
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif
@@ -389,7 +385,7 @@ int main (int argc, char **argv)
 			exit (1);
 		}

-		retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
+		retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
 	}

 	if (PAM_SUCCESS == retval) {
@@ -463,7 +459,7 @@ int main (int argc, char **argv)
 	}

 	if (run_parts ("/etc/shadow-maint/groupdel-pre.d", group_name,
-			"groupdel")) {
+			Prog)) {
 		exit(1);
 	}

@@ -478,7 +474,7 @@ int main (int argc, char **argv)
 	close_files ();

 	if (run_parts ("/etc/shadow-maint/groupdel-post.d", group_name,
-			"groupdel")) {
+			Prog)) {
 		exit(1);
 	}

--- a/src/groupmems.c
+++ b/src/groupmems.c
@@ -44,7 +44,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "groupmems";

 static char *adduser = NULL;
 static char *deluser = NULL;
@@ -443,7 +443,7 @@ static void check_perms (void)
 			fail_exit (1);
 		}

-		retval = pam_start ("groupmems", pampw->pw_name, &conv, &pamh);
+		retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);

 		if (PAM_SUCCESS == retval) {
 			retval = pam_authenticate (pamh, 0);
@@ -573,10 +573,6 @@ int main (int argc, char **argv)
 	char *name;
 	const struct group *grp;

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -586,7 +582,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	OPENLOG ("groupmems");
+	OPENLOG (Prog);

 #ifdef SHADOWGRP
 	is_shadowgrp = sgr_file_present ();
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -58,7 +58,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "groupmod";

 #ifdef	SHADOWGRP
 static bool is_shadow_grp;
@@ -750,10 +750,6 @@ int main (int argc, char **argv)
 #endif				/* USE_PAM */
 #endif				/* ACCT_TOOLS_SETUID */

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -764,7 +760,7 @@ int main (int argc, char **argv)
 	process_root_flag ("-R", argc, argv);
 	prefix = process_prefix_flag ("-P", argc, argv);

-	OPENLOG ("groupmod");
+	OPENLOG (Prog);
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif
@@ -790,7 +786,7 @@ int main (int argc, char **argv)
 			exit (E_PAM_USERNAME);
 		}

-		retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
+		retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
 	}

 	if (PAM_SUCCESS == retval) {
--- a/src/groups.c
+++ b/src/groups.c
@@ -23,7 +23,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "groups";

 /* local function prototypes */
 static void print_groups (const char *member);
@@ -97,10 +97,6 @@ int main (int argc, char **argv)
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);

-	/*
-	 * Get the program name so that error messages can use it.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

--- a/src/grpck.c
+++ b/src/grpck.c
@@ -43,7 +43,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "grpck";

 static const char *grp_file = GROUP_FILE;
 static bool use_system_grp_file = true;
@@ -816,10 +816,6 @@ int main (int argc, char **argv)
 	int errors = 0;
 	bool changed = false;

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -829,7 +825,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	OPENLOG ("grpck");
+	OPENLOG (Prog);

 	/* Parse the command line arguments */
 	process_flags (argc, argv);
--- a/src/grpconv.c
+++ b/src/grpconv.c
@@ -36,7 +36,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "grpconv";

 static bool gr_locked  = false;
 static bool sgr_locked = false;
@@ -123,7 +123,6 @@ int main (int argc, char **argv)
 	const struct sgrp *sg;
 	struct sgrp sgent;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -133,7 +132,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	OPENLOG ("grpconv");
+	OPENLOG (Prog);

 	process_flags (argc, argv);

--- a/src/grpunconv.c
+++ b/src/grpunconv.c
@@ -36,7 +36,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "grpunconv";

 static bool gr_locked  = false;
 static bool sgr_locked = false;
@@ -122,7 +122,6 @@ int main (int argc, char **argv)
 	struct group grent;
 	const struct sgrp *sg;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -132,7 +131,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	OPENLOG ("grpunconv");
+	OPENLOG (Prog);

 	process_flags (argc, argv);

--- a/src/lastlog.c
+++ b/src/lastlog.c
@@ -39,7 +39,7 @@
 /*
 * Global variables
 */
-const char *Prog;		/* Program name */
+static const char Prog[] = "lastlog";	/* Program name */
 static FILE *lastlogfile;	/* lastlog file stream */
 static unsigned long umin;	/* if uflg and has_umin, only display users with uid >= umin */
 static bool has_umin = false;
@@ -290,7 +290,6 @@ int main (int argc, char **argv)
 	 * Get the program name. The program name is used as a prefix to
 	 * most error messages.
 	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

--- a/src/login.c
+++ b/src/login.c
@@ -64,7 +64,7 @@ static pam_handle_t *pamh = NULL;
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "login";

 static const char *hostname = "";
 static /*@null@*/ /*@only@*/char *username = NULL;
@@ -520,7 +520,6 @@ int main (int argc, char **argv)
 	initenv ();

 	amroot = (getuid () == 0);
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -587,7 +586,7 @@ int main (int argc, char **argv)
 	}
 #endif				/* RLOGIN */

-	OPENLOG ("login");
+	OPENLOG (Prog);

 	setup_tty ();

@@ -673,7 +672,7 @@ int main (int argc, char **argv)
 	retries = getdef_unum ("LOGIN_RETRIES", RETRIES);

 #ifdef USE_PAM
-	retcode = pam_start ("login", username, &conv, &pamh);
+	retcode = pam_start (Prog, username, &conv, &pamh);
 	if (retcode != PAM_SUCCESS) {
 		fprintf (stderr,
 		         _("login: PAM Failure, aborting: %s\n"),
--- a/src/logoutd.c
+++ b/src/logoutd.c
@@ -22,7 +22,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "logoutd";

 #ifndef DEFAULT_HUP_MESG
 #define DEFAULT_HUP_MESG _("login time exceeded\n\n")
@@ -157,11 +157,10 @@ main(int argc, char **argv)
 	/*
 	 * Start syslogging everything
 	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

-	OPENLOG ("logoutd");
+	OPENLOG (Prog);

 	/*
 	 * Scan the utmp file once per minute looking for users that
--- a/src/new_subid_range.c
+++ b/src/new_subid_range.c
@@ -9,7 +9,7 @@

 /* Test program for the subid creation routine */

-const char *Prog;
+static const char Prog[] = "new_subid_range";

 static void usage(void)
 {
@@ -28,7 +28,6 @@ int main(int argc, char *argv[])
 	bool group = false;   // get subuids by default
 	bool ok;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);
 	while ((c = getopt(argc, argv, "gn")) != EOF) {
--- a/src/newgidmap.c
+++ b/src/newgidmap.c
@@ -23,7 +23,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "newgidmap";


 static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups)
@@ -151,7 +151,6 @@ int main(int argc, char **argv)
 	struct passwd *pw;
 	bool allow_setgroups = false;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

--- a/src/newgrp.c
+++ b/src/newgrp.c
@@ -28,7 +28,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char *Prog;

 extern char **newenvp;

@@ -390,6 +390,9 @@ int main (int argc, char **argv)
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif
+
+	check_fds ();
+
 	(void) setlocale (LC_ALL, "");
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);
--- a/src/newuidmap.c
+++ b/src/newuidmap.c
@@ -23,7 +23,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "newuidmap";

 static bool verify_range(struct passwd *pw, struct map_range *range)
 {
@@ -80,7 +80,6 @@ int main(int argc, char **argv)
 	struct stat st;
 	struct passwd *pw;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

--- a/src/newusers.c
+++ b/src/newusers.c
@@ -54,7 +54,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "newusers";

 static bool rflg = false;	/* create a system account */
 #ifndef USE_PAM
@@ -1056,7 +1056,6 @@ int main (int argc, char **argv)
 	unsigned int nusers = 0;
 #endif				/* USE_PAM */

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

--- a/src/passwd.c
+++ b/src/passwd.c
@@ -45,7 +45,7 @@
 /*
 * Global variables
 */
-const char *Prog;		/* Program name */
+static const char Prog[] = "passwd";	/* Program name */

 static char *name;		/* The name of user whose password is being changed */
 static char *myname;		/* The current user's name */
@@ -730,12 +730,8 @@ int main (int argc, char **argv)
 	const struct spwd *sp;	/* Shadow file entry for user   */

 	sanitize_env ();
+	check_fds ();

-	/*
-	 * Get the program name. The program name is used as a prefix to
-	 * most error messages.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -757,7 +753,7 @@ int main (int argc, char **argv)
 	 */
 	amroot = (getuid () == 0);

-	OPENLOG ("passwd");
+	OPENLOG (Prog);

 	{
 		/*
@@ -976,7 +972,7 @@ int main (int argc, char **argv)
 #ifdef WITH_SELINUX
 	/* only do this check when getuid()==0 because it's a pre-condition for
 	   changing a password without entering the old one */
-	if (amroot && (check_selinux_permit ("passwd") != 0)) {
+	if (amroot && (check_selinux_permit (Prog) != 0)) {
 		SYSLOG ((LOG_ALERT,
 		         "root is not authorized by SELinux to change the password of %s",
 		         name));
--- a/src/pwck.c
+++ b/src/pwck.c
@@ -47,7 +47,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "pwck";

 static bool use_system_pw_file = true;
 static bool use_system_spw_file = true;
@@ -833,10 +833,6 @@ int main (int argc, char **argv)
 	int errors = 0;
 	bool changed = false;

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -846,7 +842,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	OPENLOG ("pwck");
+	OPENLOG (Prog);

 	/* Parse the command line arguments */
 	process_flags (argc, argv);
--- a/src/pwconv.c
+++ b/src/pwconv.c
@@ -66,7 +66,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "pwconv";

 static bool spw_locked = false;
 static bool pw_locked = false;
@@ -153,7 +153,6 @@ int main (int argc, char **argv)
 	const struct spwd *sp;
 	struct spwd spent;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -163,7 +162,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	OPENLOG ("pwconv");
+	OPENLOG (Prog);

 	process_flags (argc, argv);

--- a/src/pwunconv.c
+++ b/src/pwunconv.c
@@ -30,7 +30,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "pwunconv";

 static bool spw_locked = false;
 static bool pw_locked = false;
@@ -114,7 +114,6 @@ int main (int argc, char **argv)
 	struct passwd pwent;
 	const struct spwd *spwd;

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -124,7 +123,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	OPENLOG ("pwunconv");
+	OPENLOG (Prog);

 	process_flags (argc, argv);

--- a/src/su.c
+++ b/src/su.c
@@ -61,7 +61,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "su";
 static /*@observer@*/const char *caller_tty = NULL;	/* Name of tty SU is run from */
 static bool caller_is_root = false;
 static uid_t caller_uid;
@@ -730,11 +730,6 @@ static void save_caller_context (char **argv)
 	const char *password = NULL;
 #endif				/* SU_ACCESS */
 #endif				/* !USE_PAM */
-	/*
-	 * Get the program name. The program name is used as a prefix to
-	 * most error messages.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -1004,20 +999,22 @@ int main (int argc, char **argv)
 	int ret;
 #endif				/* USE_PAM */

+	check_fds ();
+
 	(void) setlocale (LC_ALL, "");
 	(void) bindtextdomain (PACKAGE, LOCALEDIR);
 	(void) textdomain (PACKAGE);

 	save_caller_context (argv);

-	OPENLOG ("su");
+	OPENLOG (Prog);

 	process_flags (argc, argv);

 	initenv ();

 #ifdef USE_PAM
-	ret = pam_start ("su", name, &conv, &pamh);
+	ret = pam_start (Prog, name, &conv, &pamh);
 	if (PAM_SUCCESS != ret) {
 		SYSLOG ((LOG_ERR, "pam_start: error %d", ret);
 		fprintf (stderr,
--- a/src/sulogin.c
+++ b/src/sulogin.c
@@ -27,7 +27,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "sulogin";

 static char pass[BUFSIZ];

@@ -63,7 +63,6 @@ static void catch_signals (unused int sig)
 	termio.c_lflag |= (ECHO | ECHOE | ECHOK | ICANON | ISIG);
 	tcsetattr (0, TCSANOW, &termio);

-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);
 	(void) setlocale (LC_ALL, "");
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -82,7 +82,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "useradd";

 /*
 * These defaults are used if there is no defaults file.
@@ -2518,10 +2518,6 @@ int main (int argc, char **argv)
 	unsigned long subuid_count = 0;
 	unsigned long subgid_count = 0;

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -2533,7 +2529,7 @@ int main (int argc, char **argv)

 	prefix = process_prefix_flag("-P", argc, argv);

-	OPENLOG ("useradd");
+	OPENLOG (Prog);
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif
@@ -2585,7 +2581,7 @@ int main (int argc, char **argv)
 			fail_exit (1);
 		}

-		retval = pam_start ("useradd", pampw?pampw->pw_name:"root", &conv, &pamh);
+		retval = pam_start (Prog, pampw?pampw->pw_name:"root", &conv, &pamh);
 	}

 	if (PAM_SUCCESS == retval) {
--- a/src/userdel.c
+++ b/src/userdel.c
@@ -70,7 +70,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "userdel";

 static char *user_name;
 static uid_t user_id;
@@ -969,10 +969,6 @@ int main (int argc, char **argv)
 #endif				/* USE_PAM */
 #endif				/* ACCT_TOOLS_SETUID */

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);
 	(void) setlocale (LC_ALL, "");
@@ -982,7 +978,7 @@ int main (int argc, char **argv)
 	process_root_flag ("-R", argc, argv);
 	prefix = process_prefix_flag ("-P", argc, argv);

-	OPENLOG ("userdel");
+	OPENLOG (Prog);
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif				/* WITH_AUDIT */
@@ -1066,7 +1062,7 @@ int main (int argc, char **argv)
 			exit (E_PW_UPDATE);
 		}

-		retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
+		retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
 	}

 	if (PAM_SUCCESS == retval) {
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -86,7 +86,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char Prog[] = "usermod";

 static char *user_name;
 static char *user_newname;
@@ -2153,10 +2153,6 @@ int main (int argc, char **argv)
 #endif				/* USE_PAM */
 #endif				/* ACCT_TOOLS_SETUID */

-	/*
-	 * Get my name so that I can use it to report errors.
-	 */
-	Prog = Basename (argv[0]);
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -2167,7 +2163,7 @@ int main (int argc, char **argv)
 	process_root_flag ("-R", argc, argv);
 	prefix = process_prefix_flag ("-P", argc, argv);

-	OPENLOG ("usermod");
+	OPENLOG (Prog);
 #ifdef WITH_AUDIT
 	audit_help_open ();
 #endif
@@ -2213,7 +2209,7 @@ int main (int argc, char **argv)
 			exit (1);
 		}

-		retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
+		retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
 	}

 	if (PAM_SUCCESS == retval) {
--- a/src/vipw.c
+++ b/src/vipw.c
@@ -52,7 +52,7 @@
 /*
 * Global variables
 */
-const char *Prog;
+static const char *Prog;

 static const char *filename, *fileeditname;
 static bool filelocked = false;
@@ -469,10 +469,12 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))

 int main (int argc, char **argv)
 {
-	bool editshadow = false;
-	bool do_vipw;
+	bool  editshadow = false;
+	bool  do_vigr;

-	Prog = Basename (argv[0]);
+	do_vigr = (strcmp(Basename(argv[0]), "vigr") == 0);
+
+	Prog = do_vigr ? "vigr" : "vipw";
 	log_set_progname(Prog);
 	log_set_logfd(stderr);

@@ -482,9 +484,7 @@ int main (int argc, char **argv)

 	process_root_flag ("-R", argc, argv);

-	do_vipw = (strcmp (Prog, "vigr") != 0);
-
-	OPENLOG (do_vipw ? "vipw" : "vigr");
+	OPENLOG(Prog);

 	{
 		/*
@@ -512,13 +512,13 @@ int main (int argc, char **argv)
 		                         long_options, NULL)) != -1) {
 			switch (c) {
 			case 'g':
-				do_vipw = false;
+				do_vigr = true;
 				break;
 			case 'h':
 				usage (E_SUCCESS);
 				break;
 			case 'p':
-				do_vipw = true;
+				do_vigr = false;
 				break;
 			case 'q':
 				quiet = true;
@@ -543,7 +543,27 @@ int main (int argc, char **argv)
 		}
 	}

-	if (do_vipw) {
+	if (do_vigr) {
+#ifdef SHADOWGRP
+		if (editshadow) {
+			vipwedit (sgr_dbname (), sgr_lock, sgr_unlock);
+			printf (MSG_WARN_EDIT_OTHER_FILE,
+			        sgr_dbname (),
+			        gr_dbname (),
+			        "vigr");
+		} else {
+#endif				/* SHADOWGRP */
+			vipwedit (gr_dbname (), gr_lock, gr_unlock);
+#ifdef SHADOWGRP
+			if (sgr_file_present ()) {
+				printf (MSG_WARN_EDIT_OTHER_FILE,
+				        gr_dbname (),
+				        sgr_dbname (),
+				        "vigr -s");
+			}
+		}
+#endif				/* SHADOWGRP */
+	} else {
 		if (editshadow) {
 #ifdef WITH_TCB
 			if (getdef_bool ("USE_TCB") && (NULL != user)) {
@@ -570,26 +590,6 @@ int main (int argc, char **argv)
 				        "vipw -s");
 			}
 		}
-	} else {
-#ifdef SHADOWGRP
-		if (editshadow) {
-			vipwedit (sgr_dbname (), sgr_lock, sgr_unlock);
-			printf (MSG_WARN_EDIT_OTHER_FILE,
-			        sgr_dbname (),
-			        gr_dbname (),
-			        "vigr");
-		} else {
-#endif				/* SHADOWGRP */
-			vipwedit (gr_dbname (), gr_lock, gr_unlock);
-#ifdef SHADOWGRP
-			if (sgr_file_present ()) {
-				printf (MSG_WARN_EDIT_OTHER_FILE,
-				        gr_dbname (),
-				        sgr_dbname (),
-				        "vigr -s");
-			}
-		}
-#endif				/* SHADOWGRP */
 	}

 	nscd_flush_cache ("passwd");
Author	SHA1	Message	Date
Alejandro Colomar	7ceeec8d79	Release 4.14.7 Closes: <https://github.com/shadow-maint/shadow/issues/959> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-03-26 20:46:18 +01:00
Enrico Scholz	aed99b13e0	lib/copydir.c: copy_entry(): Use temporary stat buffer There are no guarantees that fstatat() does not clobber the stat buffer on errors. Use a temporary buffer so that the following code sees correct attributes of the source entry. Link: <https://github.com/shadow-maint/shadow/issues/973> Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de> Reviewed-by: Alejandro Colomar <alx@kernel.org> Cherry-picked-from: `000619344d` ("lib/copydir:copy_entry(): use temporary stat buffer") Link: <https://github.com/shadow-maint/shadow/pull/974> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-03-22 00:19:06 +01:00
Antoine Roux	89d26e03db	man/po/fr.po: Fix wrong french translation 32 characters were wrongly translated to 16 in french translation file. Reviewed-by: Alejandro Colomar <alx@kernel.org> Cherry-picked-from: `51a0d94a08` ("Fix wrong french translation") Link: <https://github.com/shadow-maint/shadow/pull/975> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-03-22 00:10:24 +01:00
Skyler Ferrante	f4293f9fbc	lib/, src/: Add checks for fd omission Adding function check_fds to new file fd.c. The function check_fds should be called in every setuid/setgid program. Co-developed-by: Alejandro Colomar <alx@kernel.org> Cherry-picked-from: `d2f2c1877a` ("Adding checks for fd omission") Link: <https://github.com/shadow-maint/shadow/pull/964> Link: <https://inbox.sourceware.org/libc-alpha/ZeyujhVRsDTUNUtw@debian/T/> [alx: It seems we shouldn't need this, as libc does it for us. But it ] [ shouldn't hurt either. Let's be paranoic. ] Cc: <Guillem Jover <guillem@hadrons.org> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu> Cc: Iker Pedrosa <ipedrosa@redhat.com> Cc: Christian Brauner <christian@brauner.io> Cc: Rich Felker <dalias@libc.org> Cc: Andreas Schwab <schwab@linux-m68k.org> Cc: Thorsten Glaser <tg@mirbsd.de> Cc: NRK <nrk@disroot.org> Cc: Florian Weimer <fweimer@redhat.com> Cc: enh <enh@google.com> Cc: Laurent Bercot <ska-dietlibc@skarnet.org> Cc: Gabriel Ravier <gabravier@gmail.com> Cc: Zack Weinberg <zack@owlfolio.org> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-03-13 23:19:51 +01:00
Alejandro Colomar	39192107a6	src/vipw.c: Use string literals to initialize 'Prog' This avoids using argv[0], which is controlled by the user, and might inject arbitrary text in stderr and the logs. Link: <https://github.com/shadow-maint/shadow/issues/959> Link: <https://github.com/shadow-maint/shadow/pull/960> Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Karel Zak <kzak@redhat.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Cc: Christian Brauner <christian@brauner.io> Cherry-picked-from: `89c4da43cb` ("src/vipw.c: Use string literals to initialize 'Prog'") Link: <https://github.com/shadow-maint/shadow/pull/962> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-03-08 17:42:18 +01:00
Alejandro Colomar	470d6be230	src/vipw.c: Reverse logic and variable name Since we're checking for "vigr", it makes more sense to name the variable accordingly. Signed-off-by: Alejandro Colomar <alx@kernel.org> Cherry-picked-from: `0ab893a734` ("src/vipw.c: Reverse logic and variable name") Link: <https://github.com/shadow-maint/shadow/pull/962> [alx: This is needed by `89c4da43cb` ("src/vipw.c: Use string literals to initialize 'Prog'") Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-03-08 17:42:09 +01:00
Skyler Ferrante	a28371336e	src/: Hardcode Prog to known value Set Prog (program name) based on hardcoded value instead of argv[0]. This is to help prevent escape sequence injection. Cherry-picked-from: `e6c2e43937` ("Hardcoding Prog to known value") Link: <https://github.com/shadow-maint/shadow/issues/959> Link: <https://github.com/shadow-maint/shadow/pull/960> Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Karel Zak <kzak@redhat.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Cc: Christian Brauner <christian@brauner.io> Signed-off-by: Alejandro Colomar <alx@kernel.org>	2024-03-07 22:54:04 +01:00