summaryrefslogtreecommitdiffstats
path: root/recipes-extended
diff options
context:
space:
mode:
authorSona Sarmadi <sona.sarmadi@enea.com>2017-08-29 10:31:19 +0200
committerAdrian Dudau <adrian.dudau@enea.com>2017-08-29 13:37:48 +0200
commite3f32e1fc30aa34b0bfa73fc53231396220beb5b (patch)
treef47981461438cd56a09e44f54c39bf8123ac537b /recipes-extended
parentad28b1279655db5b0986a8d7ca331358a3e363d1 (diff)
downloadmeta-nfv-access-common-e3f32e1fc30aa34b0bfa73fc53231396220beb5b.tar.gz
shadow: fix for CVE-2016-6252
Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. References: ========== https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252 Upstream fix: https://github.com/shadow-maint/shadow/commit/1d5a926cc2d6078d23a96222b1ef3e558724dad1 Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Diffstat (limited to 'recipes-extended')
-rw-r--r--recipes-extended/shadow/shadow/CVE-2016-6252.patch48
-rw-r--r--recipes-extended/shadow/shadow_%.bbappend5
2 files changed, 53 insertions, 0 deletions
diff --git a/recipes-extended/shadow/shadow/CVE-2016-6252.patch b/recipes-extended/shadow/shadow/CVE-2016-6252.patch
new file mode 100644
index 0000000..6e05584
--- /dev/null
+++ b/recipes-extended/shadow/shadow/CVE-2016-6252.patch
@@ -0,0 +1,48 @@
1From 1d5a926cc2d6078d23a96222b1ef3e558724dad1 Mon Sep 17 00:00:00 2001
2From: Sebastian Krahmer <krahmer@suse.com>
3Date: Wed, 3 Aug 2016 11:51:07 -0500
4Subject: [PATCH] Simplify getulong
5
6Use strtoul to read an unsigned long, rather than reading
7a signed long long and casting it.
8
9https://bugzilla.suse.com/show_bug.cgi?id=979282
10
11CVE: CVE-2016-6252
12Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/1d5a926cc2d6078d23a96222b1ef3e558724dad1]
13
14Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
15---
16 lib/getulong.c | 9 +++------
17 1 file changed, 3 insertions(+), 6 deletions(-)
18
19diff --git a/lib/getulong.c b/lib/getulong.c
20index 61579cae..08d2c1a8 100644
21--- a/lib/getulong.c
22+++ b/lib/getulong.c
23@@ -44,22 +44,19 @@
24 */
25 int getulong (const char *numstr, /*@out@*/unsigned long int *result)
26 {
27- long long int val;
28+ unsigned long int val;
29 char *endptr;
30
31 errno = 0;
32- val = strtoll (numstr, &endptr, 0);
33+ val = strtoul (numstr, &endptr, 0);
34 if ( ('\0' == *numstr)
35 || ('\0' != *endptr)
36 || (ERANGE == errno)
37- /*@+ignoresigns@*/
38- || (val != (unsigned long int)val)
39- /*@=ignoresigns@*/
40 ) {
41 return 0;
42 }
43
44- *result = (unsigned long int)val;
45+ *result = val;
46 return 1;
47 }
48
diff --git a/recipes-extended/shadow/shadow_%.bbappend b/recipes-extended/shadow/shadow_%.bbappend
new file mode 100644
index 0000000..4f04479
--- /dev/null
+++ b/recipes-extended/shadow/shadow_%.bbappend
@@ -0,0 +1,5 @@
1# look for files in the layer first
2FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
3
4SRC_URI += "file://CVE-2016-6252.patch \
5 "