[Pkg-shadow-devel] Bug#675824: shadow: possible segfault in useradd
Nicolas François
nicolas.francois at centraliens.net
Sun Jun 3 20:21:53 UTC 2012
Hello,
On Sun, Jun 03, 2012 at 06:54:16PM +0400, pashev.igor at gmail.com wrote:
>
> Function __pw_dup() in lib/pwmem.c allocates uninitialized memory for struct
> passwd and then fills some members of that struct, but other members (e. g.
> pw_age) are still uninitialized. It can results in segfault in putpwent() which
> tests for pw_age.
lib/pwmem.c copies all members according to the getpwent(3) or putpwent(3)
man pages or /usr/include/pwd.h (libc6-dev 2.13-32).
I could not find a definition of struct passwd with a pw_age field.
I could copy or initialize the complete structure in case there are
redefinition of this structure with more fields, but it could be as
harmful as not doing anything.
Can you provide more details?
Best Regards,
--
Nekral
More information about the Pkg-shadow-devel
mailing list