rpms/shadow-utils/devel shadow-4.1.2-checkName.patch, NONE, 1.1 shadow-4.1.2-gmNoGroup.patch, NONE, 1.1 shadow-utils.spec, 1.122, 1.123
Peter Vrabec
pvrabec at fedoraproject.org
Wed Sep 24 13:26:49 UTC 2008
Author: pvrabec
Update of /cvs/extras/rpms/shadow-utils/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv18488
Modified Files:
shadow-utils.spec
Added Files:
shadow-4.1.2-checkName.patch shadow-4.1.2-gmNoGroup.patch
Log Message:
- groupmems: check username for valid character (#455603)
- groupmems: don't segfault on nonexistent group (#456088)
shadow-4.1.2-checkName.patch:
--- NEW FILE shadow-4.1.2-checkName.patch ---
diff -up shadow-4.1.2/src/groupmems.c.checkName shadow-4.1.2/src/groupmems.c
--- shadow-4.1.2/src/groupmems.c.checkName 2008-09-24 11:17:02.000000000 +0200
+++ shadow-4.1.2/src/groupmems.c 2008-09-24 14:03:01.000000000 +0200
@@ -43,6 +43,7 @@
#include <pwd.h>
#include "defines.h"
#include "groupio.h"
+#include "chkname.h"
/* Exit Status Values */
@@ -54,6 +55,7 @@
#define EXIT_NOT_PRIMARY 5 /* not primary owner of group */
#define EXIT_NOT_MEMBER 6 /* member of group does not exist */
#define EXIT_MEMBER_EXISTS 7 /* member of group already exists */
+#define E_BAD_ARG 8 /* invalid argument to option */
#define TRUE 1
#define FALSE 0
@@ -225,6 +227,12 @@ int main (int argc, char **argv)
usage ();
}
+ /* check if user names is valid */
+ if ( adduser && !check_user_name (adduser)) {
+ fprintf (stderr, _("%s is not a valid user name\n"), adduser);
+ exit (E_BAD_ARG);
+ }
+
if (!isroot () && NULL != thisgroup) {
fputs (_("Only root can add members to different groups\n"),
stderr);
shadow-4.1.2-gmNoGroup.patch:
--- NEW FILE shadow-4.1.2-gmNoGroup.patch ---
diff -up shadow-4.1.2/src/groupmems.c.gmNoGroup shadow-4.1.2/src/groupmems.c
--- shadow-4.1.2/src/groupmems.c.gmNoGroup 2008-09-24 15:00:30.000000000 +0200
+++ shadow-4.1.2/src/groupmems.c 2008-09-24 15:07:20.000000000 +0200
@@ -56,6 +56,7 @@
#define EXIT_NOT_MEMBER 6 /* member of group does not exist */
#define EXIT_MEMBER_EXISTS 7 /* member of group already exists */
#define E_BAD_ARG 8 /* invalid argument to option */
+#define EXIT_NOT_GROUP 8 /* group does not exist */
#define TRUE 1
#define FALSE 0
@@ -293,6 +294,10 @@ int main (int argc, char **argv)
}
grp = (struct group *) gr_locate (name);
+ if (NULL == grp) {
+ fputs (_("Specified group does not exist\n"), stderr);
+ exit (EXIT_NOT_GROUP);
+ }
if (NULL != adduser) {
grp->gr_mem = addtogroup (adduser, grp->gr_mem);
Index: shadow-utils.spec
===================================================================
RCS file: /cvs/extras/rpms/shadow-utils/devel/shadow-utils.spec,v
retrieving revision 1.122
retrieving revision 1.123
diff -u -r1.122 -r1.123
--- shadow-utils.spec 11 Sep 2008 11:47:39 -0000 1.122
+++ shadow-utils.spec 24 Sep 2008 13:26:18 -0000 1.123
@@ -5,7 +5,7 @@
Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils
Version: 4.1.2
-Release: 7%{?dist}
+Release: 8%{?dist}
Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/
Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2
@@ -19,6 +19,8 @@
Patch4: shadow-4.1.2-gmSEGV.patch
Patch5: shadow-4.1.2-audit.patch
Patch6: shadow-4.1.1-selinuxUserMappings.patch
+Patch7: shadow-4.1.2-checkName.patch
+Patch8: shadow-4.1.2-gmNoGroup.patch
License: BSD
Group: System Environment/Base
@@ -50,6 +52,8 @@
%patch4 -p1 -b .gmSEGV
%patch5 -p1 -b .audit
%patch6 -p1 -b .selinuxUserMappings
+%patch7 -p1 -b .checkName
+%patch8 -p1 -b .gmNoGroup
rm po/*.gmo
@@ -190,6 +194,10 @@
%{_mandir}/man8/vigr.8*
%changelog
+* Wed Sep 24 2008 Peter Vrabec <pvrabec at redhat.com> 2:4.1.2-8
+- groupmems: check username for valid character (#455603)
+- groupmems: don't segfault on nonexistent group (#456088)
+
* Thu Sep 11 2008 Peter Vrabec <pvrabec at redhat.com> 2:4.1.2-7
- fix usermod SELinux user mappings change (#458766)
More information about the fedora-extras-commits
mailing list