44 lines
1.1 KiB
Diff
44 lines
1.1 KiB
Diff
From 117bc66c6f95fa85ca75ecfdb8fbd3615deca0b6 Mon Sep 17 00:00:00 2001
|
|
From: Michael Vetter <jubalh@iodoru.org>
|
|
Date: Mon, 20 Sep 2021 11:04:50 +0200
|
|
Subject: [PATCH] Only free sgent if it was initialized
|
|
|
|
`sgent` is only initialized in `get_group()` if `is_shadowgrp` is true.
|
|
So we should also only attempt to free it if this is actually the case.
|
|
|
|
Can otherwise lead to:
|
|
```
|
|
free() double free detected in tcache 2 (gpasswd)
|
|
```
|
|
|
|
Conflict: NA
|
|
Reference: https://github.com/shadow-maint/shadow/commit/117bc66c6f95fa85ca75ecfdb8fbd3615deca0b6
|
|
|
|
---
|
|
src/gpasswd.c | 12 +++++++-----
|
|
1 file changed, 7 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/src/gpasswd.c b/src/gpasswd.c
|
|
index a43d9a590..04bed83d6 100644
|
|
--- a/src/gpasswd.c
|
|
+++ b/src/gpasswd.c
|
|
@@ -1207,11 +1207,13 @@ int main (int argc, char **argv)
|
|
sssd_flush_cache (SSSD_DB_GROUP);
|
|
|
|
#ifdef SHADOWGRP
|
|
- if (sgent.sg_adm) {
|
|
- xfree(sgent.sg_adm);
|
|
- }
|
|
- if (sgent.sg_mem) {
|
|
- xfree(sgent.sg_mem);
|
|
+ if (is_shadowgrp) {
|
|
+ if (sgent.sg_adm) {
|
|
+ xfree(sgent.sg_adm);
|
|
+ }
|
|
+ if (sgent.sg_mem) {
|
|
+ xfree(sgent.sg_mem);
|
|
+ }
|
|
}
|
|
#endif
|
|
if (grent.gr_mem) {
|