From 7c678246f658d306f759a17533fbb012492412ae Mon Sep 17 00:00:00 2001 From: Vijay Anusuri Date: Thu, 23 Nov 2023 09:07:05 +0530 Subject: shadow: backport patch to fix CVE-2023-29383 The fix of CVE-2023-29383.patch contains a bug that it rejects all characters that are not control ones, so backup another patch named "0001-Overhaul-valid_field.patch" from upstream to fix it. (From OE-Core rev: ab48ab23de6f6bb1f05689c97724140d4bef8faa) Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d & https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4] (From OE-Core rev: a53d446c289f07854e286479cd7e4843ddd0ee8c) Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../shadow/files/0001-Overhaul-valid_field.patch | 66 ++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch (limited to 'meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch') diff --git a/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch b/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch new file mode 100644 index 0000000000..aea07ff361 --- /dev/null +++ b/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch @@ -0,0 +1,66 @@ +From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= +Date: Fri, 31 Mar 2023 14:46:50 +0200 +Subject: [PATCH] Overhaul valid_field() + +e5905c4b ("Added control character check") introduced checking for +control characters but had the logic inverted, so it rejects all +characters that are not control ones. + +Cast the character to `unsigned char` before passing to the character +checking functions to avoid UB. + +Use strpbrk(3) for the illegal character test and return early. + +Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4] + +Signed-off-by: Xiangyu Chen +Signed-off-by: Vijay Anusuri +--- + lib/fields.c | 24 ++++++++++-------------- + 1 file changed, 10 insertions(+), 14 deletions(-) + +diff --git a/lib/fields.c b/lib/fields.c +index fb51b582..53929248 100644 +--- a/lib/fields.c ++++ b/lib/fields.c +@@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal) + + /* For each character of field, search if it appears in the list + * of illegal characters. */ ++ if (illegal && NULL != strpbrk (field, illegal)) { ++ return -1; ++ } ++ ++ /* Search if there are non-printable or control characters */ + for (cp = field; '\0' != *cp; cp++) { +- if (strchr (illegal, *cp) != NULL) { ++ unsigned char c = *cp; ++ if (!isprint (c)) { ++ err = 1; ++ } ++ if (iscntrl (c)) { + err = -1; + break; + } + } + +- if (0 == err) { +- /* Search if there are non-printable or control characters */ +- for (cp = field; '\0' != *cp; cp++) { +- if (!isprint (*cp)) { +- err = 1; +- } +- if (!iscntrl (*cp)) { +- err = -1; +- break; +- } +- } +- } +- + return err; + } + +-- +2.34.1 + -- cgit v1.2.3-54-g00ecf