diff options
Diffstat (limited to 'testing/shadow/shadow_CVE-2011-0721.patch')
-rw-r--r-- | testing/shadow/shadow_CVE-2011-0721.patch | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/testing/shadow/shadow_CVE-2011-0721.patch b/testing/shadow/shadow_CVE-2011-0721.patch new file mode 100644 index 000000000..eb9ad80a2 --- /dev/null +++ b/testing/shadow/shadow_CVE-2011-0721.patch @@ -0,0 +1,57 @@ +Goal: Input sanitization for chfn and chsh + +Fixes: CVE-2011-0721 + +Status wrt upstream: Already applied upstream (4.1.4.3) + +--- a/src/chfn.c ++++ b/src/chfn.c +@@ -551,14 +551,14 @@ + static void check_fields (void) + { + int err; +- err = valid_field (fullnm, ":,="); ++ err = valid_field (fullnm, ":,=\n"); + if (err > 0) { + fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm); + } else if (err < 0) { + fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm); + fail_exit (E_NOPERM); + } +- err = valid_field (roomno, ":,="); ++ err = valid_field (roomno, ":,=\n"); + if (err > 0) { + fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno); + } else if (err < 0) { +@@ -566,17 +566,17 @@ + Prog, roomno); + fail_exit (E_NOPERM); + } +- if (valid_field (workph, ":,=") != 0) { ++ if (valid_field (workph, ":,=\n") != 0) { + fprintf (stderr, _("%s: invalid work phone: '%s'\n"), + Prog, workph); + fail_exit (E_NOPERM); + } +- if (valid_field (homeph, ":,=") != 0) { ++ if (valid_field (homeph, ":,=\n") != 0) { + fprintf (stderr, _("%s: invalid home phone: '%s'\n"), + Prog, homeph); + fail_exit (E_NOPERM); + } +- err = valid_field (slop, ":"); ++ err = valid_field (slop, ":\n"); + if (err > 0) { + fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop); + } else if (err < 0) { +--- a/src/chsh. ++++ b/src/chsh.c +@@ -528,7 +528,7 @@ + * users are restricted to using the shells in /etc/shells. + * The shell must be executable by the user. + */ +- if (valid_field (loginsh, ":,=") != 0) { ++ if (valid_field (loginsh, ":,=\n") != 0) { + fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh); + fail_exit (1); + } |