backport some patches
(cherry picked from commit 76c1b9426d399c8f9a97f46779db76f409c7fbcc)
This commit is contained in:
z30023234
openeuler-sync-bot
parent
a39ac0857e
commit
5d22cefb4a
32
backport-src-passwd-add-overflow-check.patch
Normal file
32
backport-src-passwd-add-overflow-check.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From 2d188a9987789f019dae2d46c50578a474ab2bdd Mon Sep 17 00:00:00 2001
|
||||
From: Tobias Stoeckmann <tobias@stoeckmann.org>
|
||||
Date: Wed, 20 Dec 2023 20:48:54 +0100
|
||||
Subject: [PATCH] src/passwd.c: Add overflow check
|
||||
|
||||
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
||||
Link: <https://github.com/shadow-maint/shadow/pull/876>
|
||||
Co-developed-by: Alejandro Colomar <alx@kernel.org>
|
||||
Signed-off-by: Alejandro Colomar <alx@kernel.org>
|
||||
|
||||
Reference: https://github.com/shadow-maint/shadow/commit/2d188a9987789f019dae2d46c50578a474ab2bdd
|
||||
Conflict: NA
|
||||
---
|
||||
src/passwd.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/passwd.c b/src/passwd.c
|
||||
index a24e62dfd..f494a9257 100644
|
||||
--- a/src/passwd.c
|
||||
+++ b/src/passwd.c
|
||||
@@ -387,8 +387,9 @@ static void check_password (const struct passwd *pw, const struct spwd *sp)
|
||||
long now, ok;
|
||||
now = time(NULL) / DAY;
|
||||
ok = sp->sp_lstchg;
|
||||
- if (sp->sp_min > 0) {
|
||||
- ok += sp->sp_min;
|
||||
+ if ( (sp->sp_min > 0)
|
||||
+ && __builtin_add_overflow(ok, sp->sp_min, &ok)) {
|
||||
+ ok = LONG_MAX;
|
||||
}
|
||||
|
||||
if (now < ok) {
|
||||
61
backport-src-passwd.c-Switch-to-day-precision.patch
Normal file
61
backport-src-passwd.c-Switch-to-day-precision.patch
Normal file
@ -0,0 +1,61 @@
|
||||
From 3b5ba41d3e9dfc3bf058f0f31529c08201265241 Mon Sep 17 00:00:00 2001
|
||||
From: Tobias Stoeckmann <tobias@stoeckmann.org>
|
||||
Date: Thu, 14 Dec 2023 11:54:00 +0100
|
||||
Subject: [PATCH] src/passwd.c: Switch to day precision
|
||||
|
||||
The size of time_t varies across systems, but since data type long is
|
||||
more than enough to calculate with days (precision of shadow file),
|
||||
use it instead.
|
||||
|
||||
Just in case a shadow file contains huge values, check for a possible
|
||||
signed integer overflow.
|
||||
|
||||
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
||||
Link: <https://github.com/shadow-maint/shadow/pull/876>
|
||||
Signed-off-by: Alejandro Colomar <alx@kernel.org>
|
||||
|
||||
Reference: https://github.com/shadow-maint/shadow/commit/3b5ba41d3e9dfc3bf058f0f31529c08201265241
|
||||
Conflict: src/chpasswd.c
|
||||
---
|
||||
src/passwd.c | 10 ++++------
|
||||
1 file changed, 4 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/passwd.c b/src/passwd.c
|
||||
index 336bbc9..d79767a 100644
|
||||
--- a/src/passwd.c
|
||||
+++ b/src/passwd.c
|
||||
@@ -390,7 +390,6 @@ static int new_password (const struct passwd *pw)
|
||||
*/
|
||||
static void check_password (const struct passwd *pw, const struct spwd *sp)
|
||||
{
|
||||
- time_t now;
|
||||
int exp_status;
|
||||
|
||||
exp_status = isexpired (pw, sp);
|
||||
@@ -410,8 +409,6 @@ static void check_password (const struct passwd *pw, const struct spwd *sp)
|
||||
return;
|
||||
}
|
||||
|
||||
- (void) time (&now);
|
||||
-
|
||||
/*
|
||||
* Expired accounts cannot be changed ever. Passwords which are
|
||||
* locked may not be changed. Passwords where min > max may not be
|
||||
@@ -434,10 +431,11 @@ static void check_password (const struct passwd *pw, const struct spwd *sp)
|
||||
* Passwords may only be changed after sp_min time is up.
|
||||
*/
|
||||
if (sp->sp_lstchg > 0) {
|
||||
- time_t ok;
|
||||
- ok = (time_t) sp->sp_lstchg * SCALE;
|
||||
+ long now, ok;
|
||||
+ now = time(NULL) / DAY;
|
||||
+ ok = sp->sp_lstchg;
|
||||
if (sp->sp_min > 0) {
|
||||
- ok += (time_t) sp->sp_min * SCALE;
|
||||
+ ok += sp->sp_min;
|
||||
}
|
||||
|
||||
if (now < ok) {
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: shadow
|
||||
Version: 4.9
|
||||
Release: 14
|
||||
Release: 15
|
||||
Epoch: 2
|
||||
License: BSD and GPLv2+
|
||||
Summary: Tools for managing accounts and shadow password files
|
||||
@ -94,6 +94,8 @@ Patch74: backport-newgrp-fix-potential-string-injection.patch
|
||||
Patch75: shadow-Remove-encrypted-passwd-for-useradd-gr.patch
|
||||
Patch76: backport-shadow-userdel-add-the-adaptation-to-the-busybox-ps-.patch
|
||||
Patch77: backport-lib-btrfs-avoid-NULL-dereference.patch
|
||||
Patch78: backport-src-passwd.c-Switch-to-day-precision.patch
|
||||
Patch79: backport-src-passwd-add-overflow-check.patch
|
||||
|
||||
BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel
|
||||
BuildRequires: libacl-devel, libattr-devel
|
||||
@ -263,6 +265,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la
|
||||
%{_mandir}/*/*
|
||||
|
||||
%changelog
|
||||
* Sun Feb 4 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 2:4.9-15
|
||||
- backport some patches
|
||||
|
||||
* Thu Nov 9 2023 wangqingsan <wangqingsan@huawei.com> - 2:4.9-14
|
||||
- backport some patches
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user