shadow: backport patch to fix CVE-2023-29383

The fix of CVE-2023-29383.patch contains a bug that it rejects all characters that are not control ones, so backup another patch named "0001-Overhaul-valid_field.patch" from upstream to fix it. (From OE-Core rev: ab48ab23de6f6bb1f05689c97724140d4bef8faa) Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d & https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4] (From OE-Core rev: a53d446c289f07854e286479cd7e4843ddd0ee8c) Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Vijay Anusuri <vanusuri@mvista.com> 2023-11-23 09:07:05 +0530
committer: Steve Sakoman <steve@sakoman.com> 2023-12-01 04:14:18 -1000
commit: 7c678246f658d306f759a17533fbb012492412ae (patch)
tree: f96669bb2bb1e213abea592fb6c36dd60852bc55 /meta/recipes-extended/shadow/files/CVE-2023-29383.patch
parent: d3f1ae99a7e3f758421f5e761910f9281a3fec8e (diff)
download: poky-7c678246f658d306f759a17533fbb012492412ae.tar.gz
1 files changed, 54 insertions, 0 deletions
diff --git a/meta/recipes-extended/shadow/files/CVE-2023-29383.patch b/meta/recipes-extended/shadow/files/CVE-2023-29383.patch
new file mode 100644
index 0000000000..dbf4a508e9
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/CVE-2023-29383.patch
@@ -0,0 +1,54 @@
+From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001
+From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com>
+Date: Thu, 23 Mar 2023 23:39:38 +0000
+Subject: [PATCH] Added control character check
+Added control character check, returning -1 (to "err") if control characters are present.
+CVE: CVE-2023-29383
+Upstream-Status: Backport
+Reference to upstream:
+https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d
+Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ lib/fields.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+diff --git a/lib/fields.c b/lib/fields.c
+index 640be931..fb51b582 100644
+--- a/lib/fields.c
+++ b/lib/fields.c
+@@ -21,9 +21,9 @@
+  *
+  * The supplied field is scanned for non-printable and other illegal
+  * characters.
+- *  + -1 is returned if an illegal character is present.
+- *  +  1 is returned if no illegal characters are present, but the field
+- *       contains a non-printable character.
+ *  + -1 is returned if an illegal or control character is present.
+ *  +  1 is returned if no illegal or control characters are present,
+ *       but the field contains a non-printable character.
+  *  +  0 is returned otherwise.
+  */
+ int valid_field (const char *field, const char *illegal)
+@@ -45,10 +45,13 @@ int valid_field (const char *field, const char *illegal)
+        }
+ 
+        if (0 == err) {
+-               /* Search if there are some non-printable characters */
+               /* Search if there are non-printable or control characters */
+                for (cp = field; '\0' != *cp; cp++) {
+                        if (!isprint (*cp)) {
+                                err = 1;
+                       }
+                       if (!iscntrl (*cp)) {
+                               err = -1;
+                                break;
+                        }
+                }
+-- 
+2.34.1
author	Vijay Anusuri <vanusuri@mvista.com>	2023-11-23 09:07:05 +0530
committer	Steve Sakoman <steve@sakoman.com>	2023-12-01 04:14:18 -1000
commit	7c678246f658d306f759a17533fbb012492412ae (patch)
tree	f96669bb2bb1e213abea592fb6c36dd60852bc55 /meta/recipes-extended/shadow/files/CVE-2023-29383.patch
parent	d3f1ae99a7e3f758421f5e761910f9281a3fec8e (diff)
download	poky-7c678246f658d306f759a17533fbb012492412ae.tar.gz

diff --git a/meta/recipes-extended/shadow/files/CVE-2023-29383.patch b/meta/recipes-extended/shadow/files/CVE-2023-29383.patch new file mode 100644 index 0000000000..dbf4a508e9 --- /dev/null +++ b/meta/recipes-extended/shadow/files/CVE-2023-29383.patch
@@ -0,0 +1,54 @@
	1	From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001
	2	From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com>
	3	Date: Thu, 23 Mar 2023 23:39:38 +0000
	4	Subject: [PATCH] Added control character check
	5
	6	Added control character check, returning -1 (to "err") if control characters are present.
	7
	8	CVE: CVE-2023-29383
	9	Upstream-Status: Backport
	10
	11	Reference to upstream:
	12	https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d
	13
	14	Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
	15	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
	16	---
	17	lib/fields.c \| 11 +++++++----
	18	1 file changed, 7 insertions(+), 4 deletions(-)
	19
	20	diff --git a/lib/fields.c b/lib/fields.c
	21	index 640be931..fb51b582 100644
	22	--- a/lib/fields.c
	23	+++ b/lib/fields.c
	24	@@ -21,9 +21,9 @@
	25	*
	26	* The supplied field is scanned for non-printable and other illegal
	27	* characters.
	28	- * + -1 is returned if an illegal character is present.
	29	- * + 1 is returned if no illegal characters are present, but the field
	30	- * contains a non-printable character.
	31	+ * + -1 is returned if an illegal or control character is present.
	32	+ * + 1 is returned if no illegal or control characters are present,
	33	+ * but the field contains a non-printable character.
	34	* + 0 is returned otherwise.
	35	*/
	36	int valid_field (const char field, const char illegal)
	37	@@ -45,10 +45,13 @@ int valid_field (const char field, const char illegal)
	38	}
	39
	40	if (0 == err) {
	41	- /* Search if there are some non-printable characters */
	42	+ /* Search if there are non-printable or control characters */
	43	for (cp = field; '\0' != *cp; cp++) {
	44	if (!isprint (*cp)) {
	45	err = 1;
	46	+ }
	47	+ if (!iscntrl (*cp)) {
	48	+ err = -1;
	49	break;
	50	}
	51	}
	52	--
	53	2.34.1
	54