[shadow-utils] slightly more meaningful error messages if crypt() returns NULL (#988184)

Tomáš Mráz tmraz at fedoraproject.org
Thu Jul 25 11:26:38 UTC 2013 

commit a451dc3d55537561abfedfd482249e18324b3d52
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date:   Thu Jul 25 13:26:18 2013 +0200

    slightly more meaningful error messages if crypt() returns NULL (#988184)
    
    - explicit suid permissions

 shadow-4.1.5.1-crypt-null.patch |  195 +++++++++++++++++++++++++++++++++++++++
 shadow-utils.spec               |   14 ++-
 2 files changed, 205 insertions(+), 4 deletions(-)
---
diff --git a/shadow-4.1.5.1-crypt-null.patch b/shadow-4.1.5.1-crypt-null.patch
new file mode 100644
index 0000000..fba72e7
--- /dev/null
+++ b/shadow-4.1.5.1-crypt-null.patch
@@ -0,0 +1,195 @@
+diff -up shadow-4.1.5.1/lib/encrypt.c.crypt-null shadow-4.1.5.1/lib/encrypt.c
+--- shadow-4.1.5.1/lib/encrypt.c.crypt-null	2010-08-22 15:05:02.000000000 +0200
++++ shadow-4.1.5.1/lib/encrypt.c	2013-07-25 12:27:30.438355782 +0200
+@@ -49,11 +49,10 @@
+ 	if (!cp) {
+ 		/*
+ 		 * Single Unix Spec: crypt() may return a null pointer,
+-		 * and set errno to indicate an error.  The caller doesn't
+-		 * expect us to return NULL, so...
++		 * and set errno to indicate an error. In this case return
++		 * the NULL so the caller can handle appropriately.
+ 		 */
+-		perror ("crypt");
+-		exit (EXIT_FAILURE);
++		return cp;
+ 	}
+ 
+ 	/* The GNU crypt does not return NULL if the algorithm is not
+diff -up shadow-4.1.5.1/libmisc/valid.c.crypt-null shadow-4.1.5.1/libmisc/valid.c
+--- shadow-4.1.5.1/libmisc/valid.c.crypt-null	2010-08-22 21:14:41.000000000 +0200
++++ shadow-4.1.5.1/libmisc/valid.c	2013-07-25 12:27:30.440355847 +0200
+@@ -95,6 +95,7 @@ bool valid (const char *password, const
+ 	 */
+ 
+ 	if (   (NULL != ent->pw_name)
++	    && (NULL != encrypted)
+ 	    && (strcmp (encrypted, ent->pw_passwd) == 0)) {
+ 		return true;
+ 	} else {
+diff -up shadow-4.1.5.1/lib/pwauth.c.crypt-null shadow-4.1.5.1/lib/pwauth.c
+--- shadow-4.1.5.1/lib/pwauth.c.crypt-null	2009-07-13 00:24:48.000000000 +0200
++++ shadow-4.1.5.1/lib/pwauth.c	2013-07-25 12:27:30.438355782 +0200
+@@ -73,6 +73,7 @@ int pw_auth (const char *cipher,
+ 	char prompt[1024];
+ 	char *clear = NULL;
+ 	const char *cp;
++	const char *encrypted;
+ 	int retval;
+ 
+ #ifdef	SKEY
+@@ -177,7 +178,11 @@ int pw_auth (const char *cipher,
+ 	 * the results there as well.
+ 	 */
+ 
+-	retval = strcmp (pw_encrypt (input, cipher), cipher);
++	encrypted = pw_encrypt (input, cipher);
++	if (encrypted!=NULL)
++		retval = strcmp (encrypted, cipher);
++	else
++		retval = -1;
+ 
+ #ifdef  SKEY
+ 	/*
+diff -up shadow-4.1.5.1/src/chgpasswd.c.crypt-null shadow-4.1.5.1/src/chgpasswd.c
+--- shadow-4.1.5.1/src/chgpasswd.c.crypt-null	2011-12-09 22:31:40.000000000 +0100
++++ shadow-4.1.5.1/src/chgpasswd.c	2013-07-25 12:27:30.440355847 +0200
+@@ -469,6 +469,10 @@ int main (int argc, char **argv)
+ #endif
+ 			cp = pw_encrypt (newpwd,
+ 			                 crypt_make_salt (crypt_method, arg));
++			if (cp == NULL) {
++				perror ("crypt");
++				exit (EXIT_FAILURE);
++			}	
+ 		}
+ 
+ 		/*
+diff -up shadow-4.1.5.1/src/chpasswd.c.crypt-null shadow-4.1.5.1/src/chpasswd.c
+--- shadow-4.1.5.1/src/chpasswd.c.crypt-null	2011-12-09 22:31:40.000000000 +0100
++++ shadow-4.1.5.1/src/chpasswd.c	2013-07-25 12:27:30.440355847 +0200
+@@ -492,6 +492,10 @@ int main (int argc, char **argv)
+ #endif
+ 			cp = pw_encrypt (newpwd,
+ 			                 crypt_make_salt(crypt_method, arg));
++			if (cp == NULL) {
++				perror ("crypt");
++				exit (EXIT_FAILURE);
++			}
+ 		}
+ 
+ 		/*
+diff -up shadow-4.1.5.1/src/gpasswd.c.crypt-null shadow-4.1.5.1/src/gpasswd.c
+--- shadow-4.1.5.1/src/gpasswd.c.crypt-null	2011-11-19 23:55:04.000000000 +0100
++++ shadow-4.1.5.1/src/gpasswd.c	2013-07-25 12:27:30.441355866 +0200
+@@ -939,6 +939,10 @@ static void change_passwd (struct group
+ 	}
+ 
+ 	cp = pw_encrypt (pass, crypt_make_salt (NULL, NULL));
++	if (cp==NULL) {
++		perror ("crypt");
++		exit (EXIT_FAILURE);
++	}
+ 	memzero (pass, sizeof pass);
+ #ifdef SHADOWGRP
+ 	if (is_shadowgrp) {
+diff -up shadow-4.1.5.1/src/newgrp.c.crypt-null shadow-4.1.5.1/src/newgrp.c
+--- shadow-4.1.5.1/src/newgrp.c.crypt-null	2011-07-30 03:50:01.000000000 +0200
++++ shadow-4.1.5.1/src/newgrp.c	2013-07-25 12:27:30.442355881 +0200
+@@ -184,7 +184,8 @@ static void check_perms (const struct gr
+ 		cpasswd = pw_encrypt (cp, grp->gr_passwd);
+ 		strzero (cp);
+ 
+-		if (grp->gr_passwd[0] == '\0' ||
++		if (cpasswd == NULL ||
++		    grp->gr_passwd[0] == '\0' ||
+ 		    strcmp (cpasswd, grp->gr_passwd) != 0) {
+ #ifdef WITH_AUDIT
+ 			snprintf (audit_buf, sizeof(audit_buf),
+diff -up shadow-4.1.5.1/src/newusers.c.crypt-null shadow-4.1.5.1/src/newusers.c
+--- shadow-4.1.5.1/src/newusers.c.crypt-null	2011-12-09 22:31:40.000000000 +0100
++++ shadow-4.1.5.1/src/newusers.c	2013-07-25 12:27:30.442355881 +0200
+@@ -387,6 +387,7 @@ static int add_user (const char *name, u
+ static void update_passwd (struct passwd *pwd, const char *password)
+ {
+ 	void *crypt_arg = NULL;
++	char *cp;
+ 	if (crypt_method != NULL) {
+ #ifdef USE_SHA_CRYPT
+ 		if (sflg) {
+@@ -398,9 +399,13 @@ static void update_passwd (struct passwd
+ 	if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) {
+ 		pwd->pw_passwd = (char *)password;
+ 	} else {
+-		pwd->pw_passwd = pw_encrypt (password,
+-		                             crypt_make_salt (crypt_method,
+-		                                              crypt_arg));
++		cp=pw_encrypt (password, crypt_make_salt (crypt_method, 
++		                                          crypt_arg));
++		if (cp == NULL) {
++			perror ("crypt");
++			exit (EXIT_FAILURE);
++		}
++		pwd->pw_passwd = cp;
+ 	}
+ }
+ #endif				/* !USE_PAM */
+@@ -412,6 +417,7 @@ static int add_passwd (struct passwd *pw
+ {
+ 	const struct spwd *sp;
+ 	struct spwd spent;
++	char *cp;
+ 
+ #ifndef USE_PAM
+ 	void *crypt_arg = NULL;
+@@ -448,7 +454,12 @@ static int add_passwd (struct passwd *pw
+ 		} else {
+ 			const char *salt = crypt_make_salt (crypt_method,
+ 			                                    crypt_arg);
+-			spent.sp_pwdp = pw_encrypt (password, salt);
++			cp = pw_encrypt (password, salt);
++			if (cp == NULL) {
++				perror ("crypt");
++				exit (EXIT_FAILURE);
++			}
++			spent.sp_pwdp = cp;
+ 		}
+ 		spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
+ 		if (0 == spent.sp_lstchg) {
+@@ -492,7 +503,12 @@ static int add_passwd (struct passwd *pw
+ 		spent.sp_pwdp = (char *)password;
+ 	} else {
+ 		const char *salt = crypt_make_salt (crypt_method, crypt_arg);
+-		spent.sp_pwdp = pw_encrypt (password, salt);
++		cp = pw_encrypt (password, salt);
++		if (cp == NULL) {
++			perror ("crypt");
++			exit (EXIT_FAILURE);
++		}
++		spent.sp_pwdp = cp;
+ 	}
+ #else
+ 	/*
+diff -up shadow-4.1.5.1/src/passwd.c.crypt-null shadow-4.1.5.1/src/passwd.c
+--- shadow-4.1.5.1/src/passwd.c.crypt-null	2012-02-13 21:32:01.000000000 +0100
++++ shadow-4.1.5.1/src/passwd.c	2013-07-25 12:27:30.443355896 +0200
+@@ -242,7 +242,7 @@ static int new_password (const struct pa
+ 		}
+ 
+ 		cipher = pw_encrypt (clear, crypt_passwd);
+-		if (strcmp (cipher, crypt_passwd) != 0) {
++		if ((cipher == NULL) || (strcmp (cipher, crypt_passwd) != 0)) {
+ 			strzero (clear);
+ 			strzero (cipher);
+ 			SYSLOG ((LOG_WARN, "incorrect password for %s",
+@@ -349,6 +349,10 @@ static int new_password (const struct pa
+ 	 * Encrypt the password, then wipe the cleartext password.
+ 	 */
+ 	cp = pw_encrypt (pass, crypt_make_salt (NULL, NULL));
++	if (cp == NULL) {
++		perror ("crypt");
++		exit (EXIT_FAILURE);
++	}
+ 	memzero (pass, sizeof pass);
+ 
+ #ifdef HAVE_LIBCRACK_HIST
diff --git a/shadow-utils.spec b/shadow-utils.spec
index f3f054b..56f8a3f 100644
--- a/shadow-utils.spec
+++ b/shadow-utils.spec
@@ -1,7 +1,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.1.5.1
-Release: 7%{?dist}
+Release: 8%{?dist}
 Epoch: 2
 URL: http://pkg-shadow.alioth.debian.org/
 Source0: http://pkg-shadow.alioth.debian.org/releases/shadow-%{version}.tar.bz2
@@ -22,6 +22,7 @@ Patch12: shadow-4.1.5.1-errmsg.patch
 Patch13: shadow-4.1.5.1-audit-owner.patch
 Patch14: shadow-4.1.5.1-default-range.patch
 Patch15: shadow-4.1.5.1-manfix.patch
+Patch16: shadow-4.1.5.1-crypt-null.patch
 
 License: BSD and GPLv2+
 Group: System Environment/Base
@@ -65,6 +66,7 @@ are used for managing group accounts.
 %patch13 -p1 -b .audit-owner
 %patch14 -p1 -b .default-range
 %patch15 -p1 -b .manfix
+%patch16 -p1 -b .crypt-null
 
 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8
 cp -f doc/HOWTO.utf8 doc/HOWTO
@@ -183,10 +185,10 @@ rm -rf $RPM_BUILD_ROOT
 %attr(0644,root,root)   %config(noreplace) %{_sysconfdir}/login.defs
 %attr(0644,root,root)   %config(noreplace) %{_sysconfdir}/default/useradd
 %{_bindir}/sg
-%{_bindir}/chage
-%{_bindir}/gpasswd
+%attr(4755,root,root) %{_bindir}/chage
+%attr(4755,root,root) %{_bindir}/gpasswd
 %{_bindir}/lastlog
-%{_bindir}/newgrp
+%attr(4755,root,root) %{_bindir}/newgrp
 %{_sbindir}/adduser
 %attr(0750,root,root)   %{_sbindir}/user*
 %attr(0750,root,root)   %{_sbindir}/group*
@@ -218,6 +220,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man8/vigr.8*
 
 %changelog
+* Thu Jul 25 2013 Tomas Mraz <tmraz at redhat.com> - 2:4.1.5.1-8
+- slightly more meaningful error messages if crypt() returns NULL (#988184)
+- explicit suid permissions
+
 * Fri Jul 19 2013 Tomas Mraz <tmraz at redhat.com> - 2:4.1.5.1-7
 - fix useradd man page bugs

More information about the scm-commits mailing list