1 files changed, 66 insertions, 0 deletions
diff --git a/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch b/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch
new file mode 100644
index 0000000000..aea07ff361
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch
@@ -0,0 +1,66 @@
+From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 31 Mar 2023 14:46:50 +0200
+Subject: [PATCH] Overhaul valid_field()
+e5905c4b ("Added control character check") introduced checking for
+control characters but had the logic inverted, so it rejects all
+characters that are not control ones.
+Cast the character to `unsigned char` before passing to the character
+checking functions to avoid UB.
+Use strpbrk(3) for the illegal character test and return early.
+Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4]
+Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ lib/fields.c | 24 ++++++++++--------------
+ 1 file changed, 10 insertions(+), 14 deletions(-)
+diff --git a/lib/fields.c b/lib/fields.c
+index fb51b582..53929248 100644
+--- a/lib/fields.c
+++ b/lib/fields.c
+@@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal)
+ 
+        /* For each character of field, search if it appears in the list
+         * of illegal characters. */
+       if (illegal && NULL != strpbrk (field, illegal)) {
+               return -1;
+       }
+
+       /* Search if there are non-printable or control characters */
+        for (cp = field; '\0' != *cp; cp++) {
+-               if (strchr (illegal, *cp) != NULL) {
+               unsigned char c = *cp;
+               if (!isprint (c)) {
+                       err = 1;
+               }
+               if (iscntrl (c)) {
+                        err = -1;
+                        break;
+                }
+        }
+ 
+-       if (0 == err) {
+-               /* Search if there are non-printable or control characters */
+-               for (cp = field; '\0' != *cp; cp++) {
+-                       if (!isprint (*cp)) {
+-                               err = 1;
+-                       }
+-                       if (!iscntrl (*cp)) {
+-                               err = -1;
+-                               break;
+-                       }
+-               }
+-       }
+-
+        return err;
+ }
+ 
+-- 
+2.34.1

diff --git a/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch b/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch new file mode 100644 index 0000000000..aea07ff361 --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch
@@ -0,0 +1,66 @@
	1	From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001
	2	From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
	3	Date: Fri, 31 Mar 2023 14:46:50 +0200
	4	Subject: [PATCH] Overhaul valid_field()
	5
	6	e5905c4b ("Added control character check") introduced checking for
	7	control characters but had the logic inverted, so it rejects all
	8	characters that are not control ones.
	9
	10	Cast the character to `unsigned char` before passing to the character
	11	checking functions to avoid UB.
	12
	13	Use strpbrk(3) for the illegal character test and return early.
	14
	15	Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4]
	16
	17	Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
	18	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
	19	---
	20	lib/fields.c \| 24 ++++++++++--------------
	21	1 file changed, 10 insertions(+), 14 deletions(-)
	22
	23	diff --git a/lib/fields.c b/lib/fields.c
	24	index fb51b582..53929248 100644
	25	--- a/lib/fields.c
	26	+++ b/lib/fields.c
	27	@@ -37,26 +37,22 @@ int valid_field (const char field, const char illegal)
	28
	29	/* For each character of field, search if it appears in the list
	30	* of illegal characters. */
	31	+ if (illegal && NULL != strpbrk (field, illegal)) {
	32	+ return -1;
	33	+ }
	34	+
	35	+ /* Search if there are non-printable or control characters */
	36	for (cp = field; '\0' != *cp; cp++) {
	37	- if (strchr (illegal, *cp) != NULL) {
	38	+ unsigned char c = *cp;
	39	+ if (!isprint (c)) {
	40	+ err = 1;
	41	+ }
	42	+ if (iscntrl (c)) {
	43	err = -1;
	44	break;
	45	}
	46	}
	47
	48	- if (0 == err) {
	49	- /* Search if there are non-printable or control characters */
	50	- for (cp = field; '\0' != *cp; cp++) {
	51	- if (!isprint (*cp)) {
	52	- err = 1;
	53	- }
	54	- if (!iscntrl (*cp)) {
	55	- err = -1;
	56	- break;
	57	- }
	58	- }
	59	- }
	60	-
	61	return err;
	62	}
	63
	64	--
	65	2.34.1
	66