rpms/shadow-utils/F-13 shadow-4.1.4.2-uflg.patch, NONE, 1.1 shadow-4.1.4.2-underflow.patch, NONE, 1.1 shadow-utils.spec, 1.144, 1.145

Peter Vrabec pvrabec at fedoraproject.org
Mon Jun 14 11:19:31 UTC 2010


Author: pvrabec

Update of /cvs/extras/rpms/shadow-utils/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv30284

Modified Files:
	shadow-utils.spec 
Added Files:
	shadow-4.1.4.2-uflg.patch shadow-4.1.4.2-underflow.patch 
Log Message:
- fix integer underflow in faillog (#603683)
- use preferred GID for reserved static IDs



shadow-4.1.4.2-uflg.patch:
 find_new_gid.c |    8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

--- NEW FILE shadow-4.1.4.2-uflg.patch ---
diff -up shadow-4.1.4.2/libmisc/find_new_gid.c.uflg shadow-4.1.4.2/libmisc/find_new_gid.c
--- shadow-4.1.4.2/libmisc/find_new_gid.c.uflg	2010-05-21 11:31:36.069929199 +0200
+++ shadow-4.1.4.2/libmisc/find_new_gid.c	2010-05-21 11:31:47.600963338 +0200
@@ -61,7 +61,7 @@ int find_new_gid (bool sys_group,
 		gid_min = (gid_t) getdef_ulong ("GID_MIN", 500UL);
 		gid_max = (gid_t) getdef_ulong ("GID_MAX", 60000UL);
 	} else {
-		gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 201UL);
+		gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 1UL);
 		gid_max = (gid_t) getdef_ulong ("GID_MIN", 500UL) - 1;
 		gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
 	}
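Review bot: Lowering the fallback in `getdef_ulong ("SYS_GID_MIN", 1UL)` widens the accepted range only when SYS_GID_MIN is absent from the configuration. If getdef_ulong returns the configured value whenever the key is set (its definition is not shown here), a login.defs that sets SYS_GID_MIN will still reject a preferred GID in the reserved static range, so the fix silently depends on local configuration. The same key also now carries two different fallbacks, 1UL here and 201UL in the next hunk of this file. A comment on this line would make the intent explicit, for example `/* lower bound for a caller-supplied preferred_gid only; dynamic allocation re-reads SYS_GID_MIN below */`. The function body starts and ends outside the hunk.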
@@ -79,7 +79,11 @@ int find_new_gid (bool sys_group,
 		*gid = *preferred_gid;
 		return 0;
 	}
-
+	
+	/* if we did not find free preffered system gid, we start to look for 
+	 * one in the range assigned to dynamic system IDs */
+	if (sys_group)
+		gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 201UL);
 
 	/*
 	 * Search the entire group file,
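Review bot: Raising gid_min back to the 201 fallback after the preferred-GID test leaves the range unchecked against gid_max, which was derived earlier from SYS_GID_MAX or GID_MIN - 1. If SYS_GID_MAX is configured below 201 while SYS_GID_MIN is unset, the search that follows would presumably run with gid_min > gid_max; the code between the two hunks is not visible, so any existing range check would have run against the lower minimum. Consider re-validating with `if (gid_min > gid_max)` right after the new assignment and taking the function's existing failure path. The added `if (sys_group)` should also be braced, and the new comment should read "preferred" rather than "preffered". find_new_gid continues outside the hunk.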

shadow-4.1.4.2-underflow.patch:
 faillog.c |   12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

--- NEW FILE shadow-4.1.4.2-underflow.patch ---
diff -up shadow-4.1.4.2/src/faillog.c.overflow shadow-4.1.4.2/src/faillog.c
--- shadow-4.1.4.2/src/faillog.c.overflow	2010-06-14 10:40:28.023030897 +0200
+++ shadow-4.1.4.2/src/faillog.c	2010-06-14 10:53:10.884034750 +0200
@@ -106,8 +106,8 @@ static void print_one (/*@null@*/const s
 		return;
 	}
 
-	offset = pw->pw_uid * sizeof (fl);
-	if (offset <= (statbuf.st_size - sizeof (fl))) {
+	offset = (off_t) pw->pw_uid * sizeof (fl);
+	if (offset + sizeof (fl) <= statbuf.st_size) {
 		/* fseeko errors are not really relevant for us. */
 		int err = fseeko (fail, offset, SEEK_SET);
 		assert (0 == err);
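Review bot: The new bound `offset + sizeof (fl) <= statbuf.st_size` in print_one still depends on `(off_t) pw->pw_uid * sizeof (fl)` not wrapping, which holds only when off_t is wider than uid_t. On a build with a 32-bit off_t (whether large-file support is enabled is not visible here) the product is computed in 32-bit unsigned arithmetic, so a high UID can wrap to a small offset, pass the check and address another account's record. Comparing record counts avoids the multiplication and the mixed signed/unsigned addition, and is equivalent for a non-negative st_size: `if (pw->pw_uid < statbuf.st_size / sizeof (fl)) {`. The same applies to the reset_one, setmax_one and set_locktime_one hunks, with `uid` in place of `pw->pw_uid`. print_one's body continues outside the hunk.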
@@ -206,8 +206,8 @@ static bool reset_one (uid_t uid)
 	off_t offset;
 	struct faillog fl;
 
-	offset = uid * sizeof (fl);
-	if (offset <= (statbuf.st_size - sizeof (fl))) {
+	offset = (off_t) uid * sizeof (fl);
+	if (offset + sizeof (fl) <= statbuf.st_size) {
 		/* fseeko errors are not really relevant for us. */
 		int err = fseeko (fail, offset, SEEK_SET);
 		assert (0 == err);
@@ -294,7 +294,7 @@ static bool setmax_one (uid_t uid, int m
 	struct faillog fl;
 
 	offset = (off_t) uid * sizeof (fl);
-	if (offset <= (statbuf.st_size - sizeof (fl))) {
+	if (offset + sizeof (fl) <= statbuf.st_size) {
 		/* fseeko errors are not really relevant for us. */
 		int err = fseeko (fail, offset, SEEK_SET);
 		assert (0 == err);
@@ -385,7 +385,7 @@ static bool set_locktime_one (uid_t uid,
 	struct faillog fl;
 
 	offset = (off_t) uid * sizeof (fl);
-	if (offset <= (statbuf.st_size - sizeof (fl))) {
+	if (offset + sizeof (fl) <= statbuf.st_size) {
 		/* fseeko errors are not really relevant for us. */
 		int err = fseeko (fail, offset, SEEK_SET);
 		assert (0 == err);


Index: shadow-utils.spec
===================================================================
RCS file: /cvs/extras/rpms/shadow-utils/F-13/shadow-utils.spec,v
retrieving revision 1.144
retrieving revision 1.145
diff -u -p -r1.144 -r1.145
--- shadow-utils.spec	29 Apr 2010 15:40:36 -0000	1.144
+++ shadow-utils.spec	14 Jun 2010 11:19:30 -0000	1.145
@@ -1,7 +1,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.1.4.2
-Release: 6%{?dist}
+Release: 7%{?dist}
 Epoch: 2
 URL: http://pkg-shadow.alioth.debian.org/
 Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2
@@ -14,6 +14,8 @@ Patch3: shadow-4.1.4.2-fixes.patch
 Patch4: shadow-4.1.4.2-infoParentDir.patch
 Patch5: shadow-4.1.4.2-semange.patch
 Patch6: shadow-4.1.4.2-acl.patch
+Patch7: shadow-4.1.4.2-underflow.patch
+Patch8: shadow-4.1.4.2-uflg.patch
 License: BSD and GPLv2+
 Group: System Environment/Base
 BuildRequires: libselinux-devel >= 1.25.2-1
@@ -46,6 +48,8 @@ are used for managing group accounts.
 %patch4 -p1 -b .infoParentDir
 %patch5 -p1 -b .semange
 %patch6 -p1 -b .acl
+%patch7 -p1 -b .underflow
+%patch8 -p1 -b .uflg
 
 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
 cp -f doc/HOWTO.utf8 doc/HOWTO
@@ -188,6 +192,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/vigr.8*
 
 %changelog
+* Mon Jun 14 2010 Peter Vrabec <pvrabec at redhat.com> - 2:4.1.4.2-7
+- fix integer underflow in faillog (#603683)
+- use preferred GID for reserved static IDs
+
 * Thu Apr 29 2010 Peter Vrabec <pvrabec at redhat.com> - 2:4.1.4.2-6
 - preserve ACL's on files in /etc/skel 
   Resolves: #513055 


