slightly more meaningful error messages if crypt() returns NULL (#988184)

- explicit suid permissions
This commit is contained in:
Tomas Mraz 2013-07-25 13:26:18 +02:00
parent 047af921d9
commit a451dc3d55
2 changed files with 205 additions and 4 deletions

View file

@ -0,0 +1,195 @@
diff -up shadow-4.1.5.1/lib/encrypt.c.crypt-null shadow-4.1.5.1/lib/encrypt.c
--- shadow-4.1.5.1/lib/encrypt.c.crypt-null 2010-08-22 15:05:02.000000000 +0200
+++ shadow-4.1.5.1/lib/encrypt.c 2013-07-25 12:27:30.438355782 +0200
@@ -49,11 +49,10 @@
if (!cp) {
/*
* Single Unix Spec: crypt() may return a null pointer,
- * and set errno to indicate an error. The caller doesn't
- * expect us to return NULL, so...
+ * and set errno to indicate an error. In this case return
+ * the NULL so the caller can handle appropriately.
*/
- perror ("crypt");
- exit (EXIT_FAILURE);
+ return cp;
}
/* The GNU crypt does not return NULL if the algorithm is not
diff -up shadow-4.1.5.1/libmisc/valid.c.crypt-null shadow-4.1.5.1/libmisc/valid.c
--- shadow-4.1.5.1/libmisc/valid.c.crypt-null 2010-08-22 21:14:41.000000000 +0200
+++ shadow-4.1.5.1/libmisc/valid.c 2013-07-25 12:27:30.440355847 +0200
@@ -95,6 +95,7 @@ bool valid (const char *password, const
*/
if ( (NULL != ent->pw_name)
+ && (NULL != encrypted)
&& (strcmp (encrypted, ent->pw_passwd) == 0)) {
return true;
} else {
diff -up shadow-4.1.5.1/lib/pwauth.c.crypt-null shadow-4.1.5.1/lib/pwauth.c
--- shadow-4.1.5.1/lib/pwauth.c.crypt-null 2009-07-13 00:24:48.000000000 +0200
+++ shadow-4.1.5.1/lib/pwauth.c 2013-07-25 12:27:30.438355782 +0200
@@ -73,6 +73,7 @@ int pw_auth (const char *cipher,
char prompt[1024];
char *clear = NULL;
const char *cp;
+ const char *encrypted;
int retval;
#ifdef SKEY
@@ -177,7 +178,11 @@ int pw_auth (const char *cipher,
* the results there as well.
*/
- retval = strcmp (pw_encrypt (input, cipher), cipher);
+ encrypted = pw_encrypt (input, cipher);
+ if (encrypted!=NULL)
+ retval = strcmp (encrypted, cipher);
+ else
+ retval = -1;
#ifdef SKEY
/*
diff -up shadow-4.1.5.1/src/chgpasswd.c.crypt-null shadow-4.1.5.1/src/chgpasswd.c
--- shadow-4.1.5.1/src/chgpasswd.c.crypt-null 2011-12-09 22:31:40.000000000 +0100
+++ shadow-4.1.5.1/src/chgpasswd.c 2013-07-25 12:27:30.440355847 +0200
@@ -469,6 +469,10 @@ int main (int argc, char **argv)
#endif
cp = pw_encrypt (newpwd,
crypt_make_salt (crypt_method, arg));
+ if (cp == NULL) {
+ perror ("crypt");
+ exit (EXIT_FAILURE);
+ }
}
/*
diff -up shadow-4.1.5.1/src/chpasswd.c.crypt-null shadow-4.1.5.1/src/chpasswd.c
--- shadow-4.1.5.1/src/chpasswd.c.crypt-null 2011-12-09 22:31:40.000000000 +0100
+++ shadow-4.1.5.1/src/chpasswd.c 2013-07-25 12:27:30.440355847 +0200
@@ -492,6 +492,10 @@ int main (int argc, char **argv)
#endif
cp = pw_encrypt (newpwd,
crypt_make_salt(crypt_method, arg));
+ if (cp == NULL) {
+ perror ("crypt");
+ exit (EXIT_FAILURE);
+ }
}
/*
diff -up shadow-4.1.5.1/src/gpasswd.c.crypt-null shadow-4.1.5.1/src/gpasswd.c
--- shadow-4.1.5.1/src/gpasswd.c.crypt-null 2011-11-19 23:55:04.000000000 +0100
+++ shadow-4.1.5.1/src/gpasswd.c 2013-07-25 12:27:30.441355866 +0200
@@ -939,6 +939,10 @@ static void change_passwd (struct group
}
cp = pw_encrypt (pass, crypt_make_salt (NULL, NULL));
+ if (cp==NULL) {
+ perror ("crypt");
+ exit (EXIT_FAILURE);
+ }
memzero (pass, sizeof pass);
#ifdef SHADOWGRP
if (is_shadowgrp) {
diff -up shadow-4.1.5.1/src/newgrp.c.crypt-null shadow-4.1.5.1/src/newgrp.c
--- shadow-4.1.5.1/src/newgrp.c.crypt-null 2011-07-30 03:50:01.000000000 +0200
+++ shadow-4.1.5.1/src/newgrp.c 2013-07-25 12:27:30.442355881 +0200
@@ -184,7 +184,8 @@ static void check_perms (const struct gr
cpasswd = pw_encrypt (cp, grp->gr_passwd);
strzero (cp);
- if (grp->gr_passwd[0] == '\0' ||
+ if (cpasswd == NULL ||
+ grp->gr_passwd[0] == '\0' ||
strcmp (cpasswd, grp->gr_passwd) != 0) {
#ifdef WITH_AUDIT
snprintf (audit_buf, sizeof(audit_buf),
diff -up shadow-4.1.5.1/src/newusers.c.crypt-null shadow-4.1.5.1/src/newusers.c
--- shadow-4.1.5.1/src/newusers.c.crypt-null 2011-12-09 22:31:40.000000000 +0100
+++ shadow-4.1.5.1/src/newusers.c 2013-07-25 12:27:30.442355881 +0200
@@ -387,6 +387,7 @@ static int add_user (const char *name, u
static void update_passwd (struct passwd *pwd, const char *password)
{
void *crypt_arg = NULL;
+ char *cp;
if (crypt_method != NULL) {
#ifdef USE_SHA_CRYPT
if (sflg) {
@@ -398,9 +399,13 @@ static void update_passwd (struct passwd
if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) {
pwd->pw_passwd = (char *)password;
} else {
- pwd->pw_passwd = pw_encrypt (password,
- crypt_make_salt (crypt_method,
- crypt_arg));
+ cp=pw_encrypt (password, crypt_make_salt (crypt_method,
+ crypt_arg));
+ if (cp == NULL) {
+ perror ("crypt");
+ exit (EXIT_FAILURE);
+ }
+ pwd->pw_passwd = cp;
}
}
#endif /* !USE_PAM */
@@ -412,6 +417,7 @@ static int add_passwd (struct passwd *pw
{
const struct spwd *sp;
struct spwd spent;
+ char *cp;
#ifndef USE_PAM
void *crypt_arg = NULL;
@@ -448,7 +454,12 @@ static int add_passwd (struct passwd *pw
} else {
const char *salt = crypt_make_salt (crypt_method,
crypt_arg);
- spent.sp_pwdp = pw_encrypt (password, salt);
+ cp = pw_encrypt (password, salt);
+ if (cp == NULL) {
+ perror ("crypt");
+ exit (EXIT_FAILURE);
+ }
+ spent.sp_pwdp = cp;
}
spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
if (0 == spent.sp_lstchg) {
@@ -492,7 +503,12 @@ static int add_passwd (struct passwd *pw
spent.sp_pwdp = (char *)password;
} else {
const char *salt = crypt_make_salt (crypt_method, crypt_arg);
- spent.sp_pwdp = pw_encrypt (password, salt);
+ cp = pw_encrypt (password, salt);
+ if (cp == NULL) {
+ perror ("crypt");
+ exit (EXIT_FAILURE);
+ }
+ spent.sp_pwdp = cp;
}
#else
/*
diff -up shadow-4.1.5.1/src/passwd.c.crypt-null shadow-4.1.5.1/src/passwd.c
--- shadow-4.1.5.1/src/passwd.c.crypt-null 2012-02-13 21:32:01.000000000 +0100
+++ shadow-4.1.5.1/src/passwd.c 2013-07-25 12:27:30.443355896 +0200
@@ -242,7 +242,7 @@ static int new_password (const struct pa
}
cipher = pw_encrypt (clear, crypt_passwd);
- if (strcmp (cipher, crypt_passwd) != 0) {
+ if ((cipher == NULL) || (strcmp (cipher, crypt_passwd) != 0)) {
strzero (clear);
strzero (cipher);
SYSLOG ((LOG_WARN, "incorrect password for %s",
@@ -349,6 +349,10 @@ static int new_password (const struct pa
* Encrypt the password, then wipe the cleartext password.
*/
cp = pw_encrypt (pass, crypt_make_salt (NULL, NULL));
+ if (cp == NULL) {
+ perror ("crypt");
+ exit (EXIT_FAILURE);
+ }
memzero (pass, sizeof pass);
#ifdef HAVE_LIBCRACK_HIST

View file

@ -1,7 +1,7 @@
Summary: Utilities for managing accounts and shadow password files Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils Name: shadow-utils
Version: 4.1.5.1 Version: 4.1.5.1
Release: 7%{?dist} Release: 8%{?dist}
Epoch: 2 Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/ URL: http://pkg-shadow.alioth.debian.org/
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2 Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
@ -22,6 +22,7 @@ Patch12: shadow-4.1.5.1-errmsg.patch
Patch13: shadow-4.1.5.1-audit-owner.patch Patch13: shadow-4.1.5.1-audit-owner.patch
Patch14: shadow-4.1.5.1-default-range.patch Patch14: shadow-4.1.5.1-default-range.patch
Patch15: shadow-4.1.5.1-manfix.patch Patch15: shadow-4.1.5.1-manfix.patch
Patch16: shadow-4.1.5.1-crypt-null.patch
License: BSD and GPLv2+ License: BSD and GPLv2+
Group: System Environment/Base Group: System Environment/Base
@ -65,6 +66,7 @@ are used for managing group accounts.
%patch13 -p1 -b .audit-owner %patch13 -p1 -b .audit-owner
%patch14 -p1 -b .default-range %patch14 -p1 -b .default-range
%patch15 -p1 -b .manfix %patch15 -p1 -b .manfix
%patch16 -p1 -b .crypt-null
iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8
cp -f doc/HOWTO.utf8 doc/HOWTO cp -f doc/HOWTO.utf8 doc/HOWTO
@ -183,10 +185,10 @@ rm -rf $RPM_BUILD_ROOT
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/login.defs %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/login.defs
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/default/useradd %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/default/useradd
%{_bindir}/sg %{_bindir}/sg
%{_bindir}/chage %attr(4755,root,root) %{_bindir}/chage
%{_bindir}/gpasswd %attr(4755,root,root) %{_bindir}/gpasswd
%{_bindir}/lastlog %{_bindir}/lastlog
%{_bindir}/newgrp %attr(4755,root,root) %{_bindir}/newgrp
%{_sbindir}/adduser %{_sbindir}/adduser
%attr(0750,root,root) %{_sbindir}/user* %attr(0750,root,root) %{_sbindir}/user*
%attr(0750,root,root) %{_sbindir}/group* %attr(0750,root,root) %{_sbindir}/group*
@ -218,6 +220,10 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/vigr.8* %{_mandir}/man8/vigr.8*
%changelog %changelog
* Thu Jul 25 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-8
- slightly more meaningful error messages if crypt() returns NULL (#988184)
- explicit suid permissions
* Fri Jul 19 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-7 * Fri Jul 19 2013 Tomas Mraz <tmraz@redhat.com> - 2:4.1.5.1-7
- fix useradd man page bugs - fix useradd man page bugs