- fix integer underflow in faillog (#603683)

- use preferred GID for reserved static IDs

shadow-4.1.4.2-underflow.patch

@@ -0,0 +1,43 @@
+diff -up shadow-4.1.4.2/src/faillog.c.overflow shadow-4.1.4.2/src/faillog.c
+--- shadow-4.1.4.2/src/faillog.c.overflow	2010-06-14 10:40:28.023030897 +0200
++++ shadow-4.1.4.2/src/faillog.c	2010-06-14 10:53:10.884034750 +0200
+@@ -106,8 +106,8 @@ static void print_one (/*@null@*/const s
+ 		return;
+ 	}
+ 
+-	offset = pw->pw_uid * sizeof (fl);
+-	if (offset <= (statbuf.st_size - sizeof (fl))) {
++	offset = (off_t) pw->pw_uid * sizeof (fl);
++	if (offset + sizeof (fl) <= statbuf.st_size) {
+ 		/* fseeko errors are not really relevant for us. */
+ 		int err = fseeko (fail, offset, SEEK_SET);
+ 		assert (0 == err);
+@@ -206,8 +206,8 @@ static bool reset_one (uid_t uid)
+ 	off_t offset;
+ 	struct faillog fl;
+ 
+-	offset = uid * sizeof (fl);
+-	if (offset <= (statbuf.st_size - sizeof (fl))) {
++	offset = (off_t) uid * sizeof (fl);
++	if (offset + sizeof (fl) <= statbuf.st_size) {
+ 		/* fseeko errors are not really relevant for us. */
+ 		int err = fseeko (fail, offset, SEEK_SET);
+ 		assert (0 == err);
+@@ -294,7 +294,7 @@ static bool setmax_one (uid_t uid, int m
+ 	struct faillog fl;
+ 
+ 	offset = (off_t) uid * sizeof (fl);
+-	if (offset <= (statbuf.st_size - sizeof (fl))) {
++	if (offset + sizeof (fl) <= statbuf.st_size) {
+ 		/* fseeko errors are not really relevant for us. */
+ 		int err = fseeko (fail, offset, SEEK_SET);
+ 		assert (0 == err);
+@@ -385,7 +385,7 @@ static bool set_locktime_one (uid_t uid,
+ 	struct faillog fl;
+ 
+ 	offset = (off_t) uid * sizeof (fl);
+-	if (offset <= (statbuf.st_size - sizeof (fl))) {
++	if (offset + sizeof (fl) <= statbuf.st_size) {
+ 		/* fseeko errors are not really relevant for us. */
+ 		int err = fseeko (fail, offset, SEEK_SET);
+ 		assert (0 == err);