emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* NEWS, srclib/getlong.c: Fix parsing of octal numbers.

Browse Source 
* NEWS, src/login.c: Fix segfault when no user is provided on the
	command line.
This commit is contained in:
nekral-guest 2009-04-15 17:50:17 +00:00
parent 70d9bc6233
commit a24058d660
4 changed files with 27 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ChangeLog
View File

@ -1,3 +1,12 @@
2009-04-15 Peter Vrabec <pvrabec@redhat.com>
* NEWS, srclib/getlong.c: Fix parsing of octal numbers.
2009-04-15 Nicolas François <nicolas.francois@centraliens.net>
* NEWS, src/login.c: Fix segfault when no user is provided on the
command line.
2009-04-15 Nicolas François <nicolas.francois@centraliens.net> 2009-04-15 Nicolas François <nicolas.francois@centraliens.net>
* README, libmisc/system.c: Was contributed by Dan Walsh. * README, libmisc/system.c: Was contributed by Dan Walsh.

10
NEWS
View File

@ -1,11 +1,19 @@
$Id$ $Id$
shadow-4.1.3 -> shadow-4.1.3.1 UNRELEASED shadow-4.1.3 -> shadow-4.1.3.1 2009-04-15
*** security:
- Due to bad parsing of octal permissions, the permissions on tty (login)
but also home directories, mailboxes, or UMASK were set wrongly (and
weirdly). Only shadow-4.1.3 was affected.
*** general
- vipw - vipw
* SE Linux: Set the default context to the context of the file being * SE Linux: Set the default context to the context of the file being
edited. This ensures that the backup file inherit from the file's edited. This ensures that the backup file inherit from the file's
context. context.
- login
* Fix regression when no user is specified on the command line.
shadow-4.1.2.2 -> shadow-4.1.3 2009-04-12 shadow-4.1.2.2 -> shadow-4.1.3 2009-04-12

9
lib/getlong.c
View File

@ -35,13 +35,20 @@
#include <errno.h> #include <errno.h>
#include "prototypes.h" #include "prototypes.h"
/*
* getlong - extract a long integer provided by the numstr string in *result
*
* It supports decimal, hexadecimal or octal representations.
*
* Returns 0 on failure, 1 on success.
*/
int getlong (const char *numstr, long int *result) int getlong (const char *numstr, long int *result)
{ {
long val; long val;
char *endptr; char *endptr;
errno = 0; errno = 0;
val = strtol (numstr, &endptr, 10); val = strtol (numstr, &endptr, 0);
if (('\0' == numstr) || ('\0' != *endptr) || (ERANGE == errno)) { if (('\0' == numstr) || ('\0' != *endptr) || (ERANGE == errno)) {
return 0; return 0;
} }

2
src/login.c
View File

@ -682,7 +682,7 @@ int main (int argc, char **argv)
set it to NULL */ set it to NULL */
retcode = pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user); retcode = pam_get_item (pamh, PAM_USER, (const void **)ptr_pam_user);
PAM_FAIL_CHECK; PAM_FAIL_CHECK;
if (pam_user[0] == '\0') { if ((NULL != pam_user) && ('\0' == pam_user[0])) {
retcode = pam_set_item (pamh, PAM_USER, NULL); retcode = pam_set_item (pamh, PAM_USER, NULL);
PAM_FAIL_CHECK; PAM_FAIL_CHECK;
} }