automatic import of shadowopeneuler22.03_LTS

1 files changed, 36 insertions, 0 deletions

diff --git a/backport-chgpasswd-fix-segfault-in-command-line-options.patch b/backport-chgpasswd-fix-segfault-in-command-line-options.patch
new file mode 100644
index 0000000..db47426
--- /dev/null
+++ b/backport-chgpasswd-fix-segfault-in-command-line-options.patch
@@ -0,0 +1,36 @@
+From 53a17c1742a4b5fcf9280fd6dd85fc77588535c2 Mon Sep 17 00:00:00 2001
+From: Jeffrey Bencteux <jeffbencteux@gmail.com>
+Date: Wed, 21 Jun 2023 15:12:43 +0200
+Subject: [PATCH] chgpasswd: fix segfault in command-line options
+
+Using the --sha-rounds option without first giving a crypt method via the --crypt-method option results in comparisons with a NULL pointer and thus make chgpasswd segfault:
+
+$ chgpasswd -s 1
+zsh: segmentation fault  chgpasswd -s 1
+
+Current patch add a sanity check before these comparisons to ensure there is a defined encryption method.
+---
+ src/chgpasswd.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/chgpasswd.c b/src/chgpasswd.c
+index fe4055d8..7b773e2f 100644
+--- a/src/chgpasswd.c
++++ b/src/chgpasswd.c
+@@ -186,6 +186,13 @@ static void process_flags (int argc, char **argv)
+ 		case 's':
+ 			sflg = true;
+                         bad_s = 0;
++
++			if (!crypt_method) {
++				fprintf (stderr,
++				         _("%s: no crypt method defined\n"),
++				         Prog);
++				usage (E_USAGE);
++			}
+ #if defined(USE_SHA_CRYPT)
+ 			if (  (   ((0 == strcmp (crypt_method, "SHA256")) || (0 == strcmp (crypt_method, "SHA512")))
+ 			       && (0 == getlong(optarg, &sha_rounds)))) {
+-- 
+2.20.1
+