[shadow-utils] fix leaks in .IDs patch (#734340)
Peter Vrabec
pvrabec at fedoraproject.org
Tue Dec 20 12:54:18 UTC 2011
commit 5f231e7c3776c218583c41a9925a3d22f77f5d26
Author: Peter Vrabec <pvrabec at redhat.com>
Date: Tue Dec 20 13:53:56 2011 +0100
fix leaks in .IDs patch (#734340)
shadow-4.1.4.3-IDs.patch | 79 +++++++++++++++++++++++++++++++++++++++------
shadow-utils.spec | 5 ++-
2 files changed, 72 insertions(+), 12 deletions(-)
---
diff --git a/shadow-4.1.4.3-IDs.patch b/shadow-4.1.4.3-IDs.patch
index 3e5ea23..6d26f74 100644
--- a/shadow-4.1.4.3-IDs.patch
+++ b/shadow-4.1.4.3-IDs.patch
@@ -1,6 +1,6 @@
diff -up shadow-4.1.4.3/libmisc/find_new_gid.c.IDs shadow-4.1.4.3/libmisc/find_new_gid.c
---- shadow-4.1.4.3/libmisc/find_new_gid.c.IDs 2011-05-20 22:45:27.852146758 +0200
-+++ shadow-4.1.4.3/libmisc/find_new_gid.c 2011-05-20 22:47:45.977909798 +0200
+--- shadow-4.1.4.3/libmisc/find_new_gid.c.IDs 2011-12-20 13:28:13.042668305 +0100
++++ shadow-4.1.4.3/libmisc/find_new_gid.c 2011-12-20 13:35:40.011817589 +0100
@@ -32,6 +32,7 @@
#include <assert.h>
@@ -9,23 +9,56 @@ diff -up shadow-4.1.4.3/libmisc/find_new_gid.c.IDs shadow-4.1.4.3/libmisc/find_n
#include "prototypes.h"
#include "groupio.h"
-@@ -65,7 +66,12 @@ int find_new_gid (bool sys_group,
+@@ -65,8 +66,6 @@ int find_new_gid (bool sys_group,
gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
}
- used_gids = alloca (sizeof (bool) * (gid_max +1));
+- memset (used_gids, false, sizeof (bool) * (gid_max + 1));
+
+ if ( (NULL != preferred_gid)
+ && (*preferred_gid >= gid_min)
+@@ -80,6 +79,14 @@ int find_new_gid (bool sys_group,
+ return 0;
+ }
+
+ used_gids = malloc (sizeof (bool) * (gid_max +1));
+ if(used_gids==NULL) {
+ fprintf (stderr,
+ _("%s: failed to allocate memory. %s\n"), Prog, strerror (errno));
+ return -1;
+ }
- memset (used_gids, false, sizeof (bool) * (gid_max + 1));
++ memset (used_gids, false, sizeof (bool) * (gid_max + 1));
++
+ /* if we did not find free preffered system gid, we start to look for
+ * one in the range assigned to dynamic system IDs */
+ if (sys_group)
+@@ -162,6 +169,7 @@ int find_new_gid (bool sys_group,
+ Prog);
+ SYSLOG ((LOG_WARN,
+ "no more available GID on the system"));
++ free(used_gids);
+ return -1;
+ }
+ }
+@@ -177,12 +185,14 @@ int find_new_gid (bool sys_group,
+ _("%s: Can't get unique GID (no more available GIDs)\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "no more available GID on the system"));
++ free(used_gids);
+ return -1;
+ }
+ }
+ }
+
+ *gid = group_id;
++ free(used_gids);
+ return 0;
+ }
- if ( (NULL != preferred_gid)
diff -up shadow-4.1.4.3/libmisc/find_new_uid.c.IDs shadow-4.1.4.3/libmisc/find_new_uid.c
--- shadow-4.1.4.3/libmisc/find_new_uid.c.IDs 2011-02-13 18:58:11.000000000 +0100
-+++ shadow-4.1.4.3/libmisc/find_new_uid.c 2011-05-20 22:47:45.977909798 +0200
++++ shadow-4.1.4.3/libmisc/find_new_uid.c 2011-12-20 13:37:27.415023688 +0100
@@ -32,6 +32,7 @@
#include <assert.h>
@@ -34,25 +67,49 @@ diff -up shadow-4.1.4.3/libmisc/find_new_uid.c.IDs shadow-4.1.4.3/libmisc/find_n
#include "prototypes.h"
#include "pwio.h"
-@@ -65,7 +66,12 @@ int find_new_uid (bool sys_user,
+@@ -65,8 +66,6 @@ int find_new_uid (bool sys_user,
uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
}
- used_uids = alloca (sizeof (bool) * (uid_max +1));
+- memset (used_uids, false, sizeof (bool) * (uid_max + 1));
+
+ if ( (NULL != preferred_uid)
+ && (*preferred_uid >= uid_min)
+@@ -80,6 +79,13 @@ int find_new_uid (bool sys_user,
+ return 0;
+ }
+
+ used_uids = malloc (sizeof (bool) * (uid_max +1));
+ if(used_uids==NULL) {
+ fprintf (stderr,
+ _("%s: failed to allocate memory. %s\n"), Prog, strerror (errno));
+ return -1;
+ }
- memset (used_uids, false, sizeof (bool) * (uid_max + 1));
++ memset (used_uids, false, sizeof (bool) * (uid_max + 1));
- if ( (NULL != preferred_uid)
-@@ -178,6 +184,7 @@ int find_new_uid (bool sys_user,
+ /*
+ * Search the entire password file,
+@@ -158,6 +164,7 @@ int find_new_uid (bool sys_user,
+ Prog);
+ SYSLOG ((LOG_WARN,
+ "no more available UID on the system"));
++ free(used_uids);
+ return -1;
+ }
+ }
+@@ -173,12 +180,14 @@ int find_new_uid (bool sys_user,
+ _("%s: Can't get unique UID (no more available UIDs)\n"),
+ Prog);
+ SYSLOG ((LOG_WARN, "no more available UID on the system"));
++ free(used_uids);
+ return -1;
+ }
}
}
-+ free(used_uids);
*uid = user_id;
++ free(used_uids);
return 0;
}
+
diff --git a/shadow-utils.spec b/shadow-utils.spec
index 18a1090..afe5104 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,7 +1,7 @@
Summary: Utilities for managing accounts and shadow password files
Name: shadow-utils
Version: 4.1.4.3
-Release: 11%{?dist}
+Release: 12%{?dist}
Epoch: 2
URL: http://pkg-shadow.alioth.debian.org/
Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
@@ -228,6 +228,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/vigr.8*
%changelog
+* Tue Dec 20 2011 Peter Vrabec <pvrabec at redhat.com> - 2:4.1.4.3-12
+- fix leaks in .IDs patch (#734340)
+
* Wed Nov 16 2011 Peter Vrabec <pvrabec at redhat.com> - 2:4.1.4.3-11
- free memory associated with SELinux security contexts
More information about the scm-commits
mailing list