fix cwe-394

2022-12-20 22:49:29 +08:00 · 2022-12-20 22:49:29 +08:00 · 185506c7eb
commit 185506c7eb
parent 3142e4a0f2
2 changed files with 61 additions and 1 deletions
--- a/backport-UTILS-fixes-CWE-394.patch
+++ b/backport-UTILS-fixes-CWE-394.patch
@ -0,0 +1,55 @@
+From 60c30a3fdc5207d3c009b00384190dc75b153d49 Mon Sep 17 00:00:00 2001
+From: Alexey Tikhonov <atikhono@redhat.com>
+Date: Tue, 22 Mar 2022 11:55:58 +0100
+Subject: [PATCH] UTILS: fixes CWE-394
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+like:
+
+```
+src/responder/nss/nsssrv.c:339: negative_return_fn: Function "sss_mmap_cache_init(nctx, "passwd", nctx->mc_uid, nctx->mc_gid, SSS_MC_PASSWD, mc_size_passwd * 26214UL, (time_t)memcache_timeout, &nctx->pwd_mc_ctx)" returns a negative number.
+src/responder/nss/nsssrv.c:339: assign: Assigning: "ret" = "sss_mmap_cache_init(nctx, "passwd", nctx->mc_uid, nctx->mc_gid, SSS_MC_PASSWD, mc_size_passwd * 26214UL, (time_t)memcache_timeout, &nctx->pwd_mc_ctx)".
+src/responder/nss/nsssrv.c:346: negative_returns: "ret" is passed to a parameter that cannot be negative.
+ #  344|                                 &nctx->pwd_mc_ctx);
+ #  345|       if (ret) {
+ #  346|->         DEBUG(SSSDBG_CRIT_FAILURE,
+ #  347|                 "Failed to initialize passwd mmap cache: '%s'\n",
+ #  348|                 sss_strerror(ret));
+```
+
+Reviewed-by: Justin Stephenson <jstephen@redhat.com>
+Reviewed-by: Tomáš Halman <thalman@redhat.com>
+---
+ src/util/util_lock.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/util/util_lock.c b/src/util/util_lock.c
+index 62c80b296..9f2885805 100644
+--- a/src/util/util_lock.c
+++ b/src/util/util_lock.c
+@@ -63,8 +63,9 @@ errno_t sss_br_lock_file(int fd, size_t start, size_t len,
+                 if (retries_left - 1 > 0) {
+                     ret = usleep(wait);
+                     if (ret == -1) {
+                        ret = errno;
+                         DEBUG(SSSDBG_MINOR_FAILURE,
+-                              "usleep() failed -> ignoring\n");
+                              "usleep() failed with %d -> ignoring\n", ret);
+                     }
+                 }
+             } else {
+@@ -76,6 +77,9 @@ errno_t sss_br_lock_file(int fd, size_t start, size_t len,
+         } else if (ret == 0) {
+             /* File successfully locked */
+             break;
+        } else {
+            DEBUG(SSSDBG_MINOR_FAILURE,
+                  "Unexpected fcntl() return code: %d\n", ret);
+         }
+     }
+     if (retries_left == 0) {
+-- 
+2.32.0.windows.1
+
--- a/sssd.spec
+++ b/sssd.spec
@ -1,6 +1,6 @@
 Name: sssd
 Version: 2.6.1
-Release: 4
+Release: 5
 Summary: System Security Services Daemon
 License: GPLv3+ and LGPLv3+
 URL: https://pagure.io/SSSD/sssd/
@ -14,6 +14,8 @@ Recommends: bind-utils
 Recommends: bind-utils
 Recommends: adcli

+Patch6000: backport-UTILS-fixes-CWE-394.patch
+
 Provides: libsss_sudo-devel = %{version}-%{release}
 Provides: sssd-common = %{version}-%{release}
 Provides: sssd-ldap = %{version}-%{release}
@ -512,6 +514,9 @@ fi
 %systemd_postun_with_restart sssd.service

 %changelog
+* Tue Dec 20 2022 zhouchenchen <zhouchenchen@huawei.com> - 2.6.1-5
+- fix CWE-394
+
 * Tue Nov 22 2022 zhouchenchen <zhouchenchen@huawei.com> - 2.6.1-4
 - delete duplicate file sssd-example.conf