tinylogin: Fix rotate passwd check logic

Fix rotate passwd check logic which will write data into un-allocated memory. This fixes [YOCTO #735] (From OE-Core rev: 4499beb9ef70d207e0d1f60eae77634a77fc44c3) Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Dongxiao Xu <dongxiao.xu@intel.com> 2011-03-10 12:33:26 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2011-03-10 18:14:25 -0800
commit: 10ce85af3309c9412993dd80c2ef8dedebce11d3 (patch)
tree: 03cd7618cbd4971669cfbbc67f506b238eada269 /meta/recipes-core
parent: 2c52b652bf00c440d04ff9d3e6423934143e49d6 (diff)
download: poky-10ce85af3309c9412993dd80c2ef8dedebce11d3.tar.gz
2 files changed, 42 insertions, 2 deletions
diff --git a/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
new file mode 100644
index 0000000000..c602493afc
--- /dev/null
+++ b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
@@ -0,0 +1,39 @@
+Fix rotate check logic
+Rotate passwd checking code has logic error, which writes data into
+un-allocated memory. This patch fixes the issue.
+Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
+diff --git a/libbb/obscure.c b/libbb/obscure.c
+index 750b611..4a07b5f 100644
+--- a/libbb/obscure.c
+++ b/libbb/obscure.c
+@@ -135,7 +135,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
+ {
+        const char *msg;
+        char *newmono, *wrapped;
+-       int lenwrap;
+       int lenold, lenwrap;
+ 
+        if (strcmp(newval, old) == 0)
+                return "no change";
+@@ -144,7 +144,8 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
+ 
+        msg = NULL;
+        newmono = str_lower(xstrdup(newval));
+-       lenwrap = strlen(old) * 2 + 1;
+       lenold = strlen(old);
+       lenwrap = lenold * 2 + 1;
+        wrapped = (char *) xmalloc(lenwrap);
+        str_lower(strcpy(wrapped, old));
+ 
+@@ -158,7 +159,7 @@ password_check(const char *old, const char *newval, const struct passwd *pwdp)
+                msg = "too similiar";
+ 
+        else {
+-               safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1);
+               safe_strncpy(wrapped + lenold, wrapped, lenold + 1);
+                if (strstr(wrapped, newmono))
+                        msg = "rotated";
+        }
diff --git a/meta/recipes-core/tinylogin/tinylogin_1.4.bb b/meta/recipes-core/tinylogin/tinylogin_1.4.bb
index df626cf72b..0b51b25853 100644
--- a/meta/recipes-core/tinylogin/tinylogin_1.4.bb
+++ b/meta/recipes-core/tinylogin/tinylogin_1.4.bb
@@ -7,14 +7,15 @@ and groups on an embedded system."
 HOMEPAGE = "http://tinylogin.busybox.net/"
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM="file://LICENSE;md5=f1060fa3a366f098b5b1d8c2077ba269"
-PR = "r5"
+PR = "r6"
 SRC_URI = "http://tinylogin.busybox.net/downloads/tinylogin-${PV}.tar.bz2 \
        file://cvs-20040608.patch;patch=1;pnum=1 \
        file://add-system.patch;patch=1;pnum=1 \
        file://adduser-empty_pwd.patch;patch=1 \
        file://remove-index.patch;patch=1 \
-        file://use_O2_option.patch"
+        file://use_O2_option.patch \
+        file://passwd_rotate_check.patch"
 SRC_URI[md5sum] = "44da0ff2b727455669890b24305e351d"
 SRC_URI[sha256sum] = "5e542e4b7825305a3678bf73136c392feb0d44b8bbf926e8eda5453eea7ddd6b"
author	Dongxiao Xu <dongxiao.xu@intel.com>	2011-03-10 12:33:26 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2011-03-10 18:14:25 -0800
commit	10ce85af3309c9412993dd80c2ef8dedebce11d3 (patch)
tree	03cd7618cbd4971669cfbbc67f506b238eada269 /meta/recipes-core
parent	2c52b652bf00c440d04ff9d3e6423934143e49d6 (diff)
download	poky-10ce85af3309c9412993dd80c2ef8dedebce11d3.tar.gz

diff --git a/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch new file mode 100644 index 0000000000..c602493afc --- /dev/null +++ b/meta/recipes-core/tinylogin/tinylogin-1.4/passwd_rotate_check.patch
@@ -0,0 +1,39 @@
		1	Fix rotate check logic
		2
		3	Rotate passwd checking code has logic error, which writes data into
		4	un-allocated memory. This patch fixes the issue.
		5
		6	Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com>
		7
		8	diff --git a/libbb/obscure.c b/libbb/obscure.c
		9	index 750b611..4a07b5f 100644
		10	--- a/libbb/obscure.c
		11	+++ b/libbb/obscure.c
		12	@@ -135,7 +135,7 @@ password_check(const char old, const char newval, const struct passwd *pwdp)
		13	{
		14	const char *msg;
		15	char newmono, wrapped;
		16	- int lenwrap;
		17	+ int lenold, lenwrap;
		18
		19	if (strcmp(newval, old) == 0)
		20	return "no change";
		21	@@ -144,7 +144,8 @@ password_check(const char old, const char newval, const struct passwd *pwdp)
		22
		23	msg = NULL;
		24	newmono = str_lower(xstrdup(newval));
		25	- lenwrap = strlen(old) * 2 + 1;
		26	+ lenold = strlen(old);
		27	+ lenwrap = lenold * 2 + 1;
		28	wrapped = (char *) xmalloc(lenwrap);
		29	str_lower(strcpy(wrapped, old));
		30
		31	@@ -158,7 +159,7 @@ password_check(const char old, const char newval, const struct passwd *pwdp)
		32	msg = "too similiar";
		33
		34	else {
		35	- safe_strncpy(wrapped + lenwrap, wrapped, lenwrap + 1);
		36	+ safe_strncpy(wrapped + lenold, wrapped, lenold + 1);
		37	if (strstr(wrapped, newmono))
		38	msg = "rotated";
		39	}


diff --git a/meta/recipes-core/tinylogin/tinylogin_1.4.bb b/meta/recipes-core/tinylogin/tinylogin_1.4.bb index df626cf72b..0b51b25853 100644 --- a/meta/recipes-core/tinylogin/tinylogin_1.4.bb +++ b/meta/recipes-core/tinylogin/tinylogin_1.4.bb
@@ -7,14 +7,15 @@ and groups on an embedded system."
7	HOMEPAGE = "http://tinylogin.busybox.net/"	7	HOMEPAGE = "http://tinylogin.busybox.net/"
8	LICENSE = "GPLv2"	8	LICENSE = "GPLv2"
9	LIC_FILES_CHKSUM="file://LICENSE;md5=f1060fa3a366f098b5b1d8c2077ba269"	9	LIC_FILES_CHKSUM="file://LICENSE;md5=f1060fa3a366f098b5b1d8c2077ba269"
10	PR = "r5"	10	PR = "r6"
11		11
12	SRC_URI = "http://tinylogin.busybox.net/downloads/tinylogin-${PV}.tar.bz2 \	12	SRC_URI = "http://tinylogin.busybox.net/downloads/tinylogin-${PV}.tar.bz2 \
13	file://cvs-20040608.patch;patch=1;pnum=1 \	13	file://cvs-20040608.patch;patch=1;pnum=1 \
14	file://add-system.patch;patch=1;pnum=1 \	14	file://add-system.patch;patch=1;pnum=1 \
15	file://adduser-empty_pwd.patch;patch=1 \	15	file://adduser-empty_pwd.patch;patch=1 \
16	file://remove-index.patch;patch=1 \	16	file://remove-index.patch;patch=1 \
17	file://use_O2_option.patch"	17	file://use_O2_option.patch \
		18	file://passwd_rotate_check.patch"
18		19
19	SRC_URI[md5sum] = "44da0ff2b727455669890b24305e351d"	20	SRC_URI[md5sum] = "44da0ff2b727455669890b24305e351d"
20	SRC_URI[sha256sum] = "5e542e4b7825305a3678bf73136c392feb0d44b8bbf926e8eda5453eea7ddd6b"	21	SRC_URI[sha256sum] = "5e542e4b7825305a3678bf73136c392feb0d44b8bbf926e8eda5453eea7ddd6b"