From 8d10c812854c400eec1cfde59cc73261e8c516a1 Mon Sep 17 00:00:00 2001 From: Peter Vrabec Date: Tue, 20 Dec 2011 13:53:56 +0100 Subject: [PATCH] fix leaks in .IDs patch (#734340) --- shadow-4.1.4.3-IDs.patch | 79 ++++++++++++++++++++++++++++++++++------ shadow-utils.spec | 5 ++- 2 files changed, 72 insertions(+), 12 deletions(-) diff --git a/shadow-4.1.4.3-IDs.patch b/shadow-4.1.4.3-IDs.patch index 3e5ea23..6d26f74 100644 --- a/shadow-4.1.4.3-IDs.patch +++ b/shadow-4.1.4.3-IDs.patch @@ -1,6 +1,6 @@ diff -up shadow-4.1.4.3/libmisc/find_new_gid.c.IDs shadow-4.1.4.3/libmisc/find_new_gid.c ---- shadow-4.1.4.3/libmisc/find_new_gid.c.IDs 2011-05-20 22:45:27.852146758 +0200 -+++ shadow-4.1.4.3/libmisc/find_new_gid.c 2011-05-20 22:47:45.977909798 +0200 +--- shadow-4.1.4.3/libmisc/find_new_gid.c.IDs 2011-12-20 13:28:13.042668305 +0100 ++++ shadow-4.1.4.3/libmisc/find_new_gid.c 2011-12-20 13:35:40.011817589 +0100 @@ -32,6 +32,7 @@ #include @@ -9,23 +9,56 @@ diff -up shadow-4.1.4.3/libmisc/find_new_gid.c.IDs shadow-4.1.4.3/libmisc/find_n #include "prototypes.h" #include "groupio.h" -@@ -65,7 +66,12 @@ int find_new_gid (bool sys_group, +@@ -65,8 +66,6 @@ int find_new_gid (bool sys_group, gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1; gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max); } - used_gids = alloca (sizeof (bool) * (gid_max +1)); +- memset (used_gids, false, sizeof (bool) * (gid_max + 1)); + + if ( (NULL != preferred_gid) + && (*preferred_gid >= gid_min) +@@ -80,6 +79,14 @@ int find_new_gid (bool sys_group, + return 0; + } + + used_gids = malloc (sizeof (bool) * (gid_max +1)); + if(used_gids==NULL) { + fprintf (stderr, + _("%s: failed to allocate memory. %s\n"), Prog, strerror (errno)); + return -1; + } - memset (used_gids, false, sizeof (bool) * (gid_max + 1)); ++ memset (used_gids, false, sizeof (bool) * (gid_max + 1)); ++ + /* if we did not find free preffered system gid, we start to look for + * one in the range assigned to dynamic system IDs */ + if (sys_group) +@@ -162,6 +169,7 @@ int find_new_gid (bool sys_group, + Prog); + SYSLOG ((LOG_WARN, + "no more available GID on the system")); ++ free(used_gids); + return -1; + } + } +@@ -177,12 +185,14 @@ int find_new_gid (bool sys_group, + _("%s: Can't get unique GID (no more available GIDs)\n"), + Prog); + SYSLOG ((LOG_WARN, "no more available GID on the system")); ++ free(used_gids); + return -1; + } + } + } + + *gid = group_id; ++ free(used_gids); + return 0; + } - if ( (NULL != preferred_gid) diff -up shadow-4.1.4.3/libmisc/find_new_uid.c.IDs shadow-4.1.4.3/libmisc/find_new_uid.c --- shadow-4.1.4.3/libmisc/find_new_uid.c.IDs 2011-02-13 18:58:11.000000000 +0100 -+++ shadow-4.1.4.3/libmisc/find_new_uid.c 2011-05-20 22:47:45.977909798 +0200 ++++ shadow-4.1.4.3/libmisc/find_new_uid.c 2011-12-20 13:37:27.415023688 +0100 @@ -32,6 +32,7 @@ #include @@ -34,25 +67,49 @@ diff -up shadow-4.1.4.3/libmisc/find_new_uid.c.IDs shadow-4.1.4.3/libmisc/find_n #include "prototypes.h" #include "pwio.h" -@@ -65,7 +66,12 @@ int find_new_uid (bool sys_user, +@@ -65,8 +66,6 @@ int find_new_uid (bool sys_user, uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1; uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max); } - used_uids = alloca (sizeof (bool) * (uid_max +1)); +- memset (used_uids, false, sizeof (bool) * (uid_max + 1)); + + if ( (NULL != preferred_uid) + && (*preferred_uid >= uid_min) +@@ -80,6 +79,13 @@ int find_new_uid (bool sys_user, + return 0; + } + + used_uids = malloc (sizeof (bool) * (uid_max +1)); + if(used_uids==NULL) { + fprintf (stderr, + _("%s: failed to allocate memory. %s\n"), Prog, strerror (errno)); + return -1; + } - memset (used_uids, false, sizeof (bool) * (uid_max + 1)); ++ memset (used_uids, false, sizeof (bool) * (uid_max + 1)); - if ( (NULL != preferred_uid) -@@ -178,6 +184,7 @@ int find_new_uid (bool sys_user, + /* + * Search the entire password file, +@@ -158,6 +164,7 @@ int find_new_uid (bool sys_user, + Prog); + SYSLOG ((LOG_WARN, + "no more available UID on the system")); ++ free(used_uids); + return -1; + } + } +@@ -173,12 +180,14 @@ int find_new_uid (bool sys_user, + _("%s: Can't get unique UID (no more available UIDs)\n"), + Prog); + SYSLOG ((LOG_WARN, "no more available UID on the system")); ++ free(used_uids); + return -1; + } } } -+ free(used_uids); *uid = user_id; ++ free(used_uids); return 0; } + diff --git a/shadow-utils.spec b/shadow-utils.spec index 18a1090..afe5104 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,7 +1,7 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.1.4.3 -Release: 11%{?dist} +Release: 12%{?dist} Epoch: 2 URL: http://pkg-shadow.alioth.debian.org/ Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2 @@ -228,6 +228,9 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man8/vigr.8* %changelog +* Tue Dec 20 2011 Peter Vrabec - 2:4.1.4.3-12 +- fix leaks in .IDs patch (#734340) + * Wed Nov 16 2011 Peter Vrabec - 2:4.1.4.3-11 - free memory associated with SELinux security contexts