- groupmems: check username for valid character (#455603)

- groupmems: don't segfault on nonexistent group (#456088)
2008-09-24 13:26:18 +00:00 · 2008-09-24 13:26:18 +00:00 · 53b6c2ec17
commit 53b6c2ec17
parent 60ae26e9e9
3 changed files with 63 additions and 1 deletions
--- a/shadow-4.1.2-checkName.patch
+++ b/shadow-4.1.2-checkName.patch
@ -0,0 +1,32 @@
+diff -up shadow-4.1.2/src/groupmems.c.checkName shadow-4.1.2/src/groupmems.c
+--- shadow-4.1.2/src/groupmems.c.checkName	2008-09-24 11:17:02.000000000 +0200
+++ shadow-4.1.2/src/groupmems.c	2008-09-24 14:03:01.000000000 +0200
+@@ -43,6 +43,7 @@
+ #include <pwd.h>
+ #include "defines.h"
+ #include "groupio.h"
+#include "chkname.h"
+ 
+ /* Exit Status Values */
+ 
+@@ -54,6 +55,7 @@
+ #define EXIT_NOT_PRIMARY	5	/* not primary owner of group  */
+ #define EXIT_NOT_MEMBER		6	/* member of group does not exist */
+ #define EXIT_MEMBER_EXISTS	7	/* member of group already exists */
+#define E_BAD_ARG		8       /* invalid argument to option */
+ 
+ #define TRUE 1
+ #define FALSE 0
+@@ -225,6 +227,12 @@ int main (int argc, char **argv) 
+ 		usage ();
+ 	}
+ 
+        /* check if user names is valid */
+	if ( adduser && !check_user_name (adduser)) {
+	        fprintf (stderr, _("%s is not a valid user name\n"), adduser);
+	        exit (E_BAD_ARG);
+	}
+
+ 	if (!isroot () && NULL != thisgroup) {
+ 		fputs (_("Only root can add members to different groups\n"),
+ 		       stderr);
--- a/shadow-4.1.2-gmNoGroup.patch
+++ b/shadow-4.1.2-gmNoGroup.patch
@ -0,0 +1,22 @@
+diff -up shadow-4.1.2/src/groupmems.c.gmNoGroup shadow-4.1.2/src/groupmems.c
+--- shadow-4.1.2/src/groupmems.c.gmNoGroup	2008-09-24 15:00:30.000000000 +0200
+++ shadow-4.1.2/src/groupmems.c	2008-09-24 15:07:20.000000000 +0200
+@@ -56,6 +56,7 @@
+ #define EXIT_NOT_MEMBER		6	/* member of group does not exist */
+ #define EXIT_MEMBER_EXISTS	7	/* member of group already exists */
+ #define E_BAD_ARG		8       /* invalid argument to option */
+#define EXIT_NOT_GROUP		8	/* group does not exist */
+ 
+ #define TRUE 1
+ #define FALSE 0
+@@ -293,6 +294,10 @@ int main (int argc, char **argv) 
+ 	}
+ 
+ 	grp = (struct group *) gr_locate (name);
+	if (NULL == grp) {
+		fputs (_("Specified group does not exist\n"), stderr);
+		exit (EXIT_NOT_GROUP);
+	}
+ 
+ 	if (NULL != adduser) {
+ 		grp->gr_mem = addtogroup (adduser, grp->gr_mem);
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@ -5,7 +5,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.1.2
-Release: 7%{?dist}
+Release: 8%{?dist}
 Epoch: 2
 URL: http://pkg-shadow.alioth.debian.org/
 Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2
@ -19,6 +19,8 @@ Patch3: shadow-4.1.2-sysAccountDownhill.patch
 Patch4: shadow-4.1.2-gmSEGV.patch
 Patch5: shadow-4.1.2-audit.patch
 Patch6: shadow-4.1.1-selinuxUserMappings.patch
+Patch7: shadow-4.1.2-checkName.patch
+Patch8: shadow-4.1.2-gmNoGroup.patch

 License: BSD
 Group: System Environment/Base
@ -50,6 +52,8 @@ are used for managing group accounts.
 %patch4 -p1 -b .gmSEGV
 %patch5 -p1 -b .audit
 %patch6 -p1 -b .selinuxUserMappings
+%patch7 -p1 -b .checkName
+%patch8 -p1 -b .gmNoGroup


 rm po/*.gmo
@ -190,6 +194,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/vigr.8*

 %changelog
+* Wed Sep 24 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-8
+- groupmems: check username for valid character (#455603)
+- groupmems: don't segfault on nonexistent group (#456088)
+
 * Thu Sep 11 2008 Peter Vrabec <pvrabec@redhat.com> 2:4.1.2-7
 - fix usermod SELinux user mappings change (#458766)