fix integer underflow in laslog (#706321)
This commit is contained in:
Peter Vrabec
parent
5d7612da5b
commit
6e8f608032
2 changed files with 22 additions and 4 deletions
|
|
@ -1,6 +1,6 @@
|
||||||
diff -up shadow-4.1.4.2/src/faillog.c.overflow shadow-4.1.4.2/src/faillog.c
|
diff -up shadow-4.1.4.3/src/faillog.c.underflow shadow-4.1.4.3/src/faillog.c
|
||||||
--- shadow-4.1.4.2/src/faillog.c.overflow 2010-06-14 10:40:28.023030897 +0200
|
--- shadow-4.1.4.3/src/faillog.c.underflow 2011-02-13 12:58:16.000000000 -0500
|
||||||
+++ shadow-4.1.4.2/src/faillog.c 2010-06-14 10:53:10.884034750 +0200
|
+++ shadow-4.1.4.3/src/faillog.c 2011-05-30 17:48:55.000000000 -0400
|
||||||
@@ -106,8 +106,8 @@ static void print_one (/*@null@*/const s
|
@@ -106,8 +106,8 @@ static void print_one (/*@null@*/const s
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
@ -41,3 +41,18 @@ diff -up shadow-4.1.4.2/src/faillog.c.overflow shadow-4.1.4.2/src/faillog.c
|
||||||
/* fseeko errors are not really relevant for us. */
|
/* fseeko errors are not really relevant for us. */
|
||||||
int err = fseeko (fail, offset, SEEK_SET);
|
int err = fseeko (fail, offset, SEEK_SET);
|
||||||
assert (0 == err);
|
assert (0 == err);
|
||||||
|
diff -up shadow-4.1.4.3/src/lastlog.c.underflow shadow-4.1.4.3/src/lastlog.c
|
||||||
|
--- shadow-4.1.4.3/src/lastlog.c.underflow 2011-05-31 03:52:25.000000000 -0400
|
||||||
|
+++ shadow-4.1.4.3/src/lastlog.c 2011-05-31 03:53:32.000000000 -0400
|
||||||
|
@@ -102,9 +102,8 @@ static void print_one (/*@null@*/const s
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
- offset = pw->pw_uid * sizeof (ll);
|
||||||
|
-
|
||||||
|
- if (offset <= (statbuf.st_size - sizeof (ll))) {
|
||||||
|
+ offset = (off_t) pw->pw_uid * sizeof (ll);
|
||||||
|
+ if (offset + sizeof (ll) <= statbuf.st_size - sizeof (ll)) {
|
||||||
|
/* fseeko errors are not really relevant for us. */
|
||||||
|
int err = fseeko (lastlogfile, offset, SEEK_SET);
|
||||||
|
assert (0 == err);
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
Summary: Utilities for managing accounts and shadow password files
|
Summary: Utilities for managing accounts and shadow password files
|
||||||
Name: shadow-utils
|
Name: shadow-utils
|
||||||
Version: 4.1.4.3
|
Version: 4.1.4.3
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
Epoch: 2
|
Epoch: 2
|
||||||
URL: http://pkg-shadow.alioth.debian.org/
|
URL: http://pkg-shadow.alioth.debian.org/
|
||||||
Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2
|
Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2
|
||||||
|
|
@ -200,6 +200,9 @@ rm -rf $RPM_BUILD_ROOT
|
||||||
%{_mandir}/man8/vigr.8*
|
%{_mandir}/man8/vigr.8*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue May 31 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-2
|
||||||
|
- fix integer underflow in laslog (#706321)
|
||||||
|
|
||||||
* Fri May 20 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-1
|
* Fri May 20 2011 Peter Vrabec <pvrabec@redhat.com> - 2:4.1.4.3-1
|
||||||
- upgrade
|
- upgrade
|
||||||
- change UID/GID_MIN to #1000
|
- change UID/GID_MIN to #1000
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue