1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
Goal: Input sanitization for chfn and chsh
Fixes: CVE-2011-0721
Status wrt upstream: Already applied upstream (4.1.4.3)
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -551,14 +551,14 @@
static void check_fields (void)
{
int err;
- err = valid_field (fullnm, ":,=");
+ err = valid_field (fullnm, ":,=\n");
if (err > 0) {
fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm);
} else if (err < 0) {
fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm);
fail_exit (E_NOPERM);
}
- err = valid_field (roomno, ":,=");
+ err = valid_field (roomno, ":,=\n");
if (err > 0) {
fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno);
} else if (err < 0) {
@@ -566,17 +566,17 @@
Prog, roomno);
fail_exit (E_NOPERM);
}
- if (valid_field (workph, ":,=") != 0) {
+ if (valid_field (workph, ":,=\n") != 0) {
fprintf (stderr, _("%s: invalid work phone: '%s'\n"),
Prog, workph);
fail_exit (E_NOPERM);
}
- if (valid_field (homeph, ":,=") != 0) {
+ if (valid_field (homeph, ":,=\n") != 0) {
fprintf (stderr, _("%s: invalid home phone: '%s'\n"),
Prog, homeph);
fail_exit (E_NOPERM);
}
- err = valid_field (slop, ":");
+ err = valid_field (slop, ":\n");
if (err > 0) {
fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop);
} else if (err < 0) {
--- a/src/chsh.
+++ b/src/chsh.c
@@ -528,7 +528,7 @@
* users are restricted to using the shells in /etc/shells.
* The shell must be executable by the user.
*/
- if (valid_field (loginsh, ":,=") != 0) {
+ if (valid_field (loginsh, ":,=\n") != 0) {
fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh);
fail_exit (1);
}
|
