[Pkg-shadow-devel] [shadow] 03/05: Fix integer overflow in getulong.c (CVE-2016-6252)
Balint Reczey
rbalint at moszumanska.debian.org
Thu Feb 23 23:53:24 UTC 2017
This is an automated email from the git hooks/post-receive script.
rbalint pushed a commit to branch jessie
in repository shadow.
commit dd729b3572a957a12d83d3f1549ea05e1d269839
Author: Balint Reczey <balint at balintreczey.hu>
Date: Fri Feb 24 00:41:23 2017 +0100
Fix integer overflow in getulong.c (CVE-2016-6252)
Closes: #832170
---
.../302-CVE-2016-6252-fix-integer-overflow.patch | 46 ++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 47 insertions(+)
diff --git a/debian/patches/302-CVE-2016-6252-fix-integer-overflow.patch b/debian/patches/302-CVE-2016-6252-fix-integer-overflow.patch
new file mode 100644
index 0000000..2f2195b
--- /dev/null
+++ b/debian/patches/302-CVE-2016-6252-fix-integer-overflow.patch
@@ -0,0 +1,46 @@
+From 1d5a926cc2d6078d23a96222b1ef3e558724dad1 Mon Sep 17 00:00:00 2001
+From: Sebastian Krahmer <krahmer at suse.com>
+Date: Wed, 3 Aug 2016 11:51:07 -0500
+Subject: [PATCH] Simplify getulong
+
+Use strtoul to read an unsigned long, rather than reading
+a signed long long and casting it.
+
+https://bugzilla.suse.com/show_bug.cgi?id=979282
+---
+ lib/getulong.c | 9 +++------
+ 1 file changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/lib/getulong.c b/lib/getulong.c
+index 61579ca..08d2c1a 100644
+--- a/lib/getulong.c
++++ b/lib/getulong.c
+@@ -44,22 +44,19 @@
+ */
+ int getulong (const char *numstr, /*@out@*/unsigned long int *result)
+ {
+- long long int val;
++ unsigned long int val;
+ char *endptr;
+
+ errno = 0;
+- val = strtoll (numstr, &endptr, 0);
++ val = strtoul (numstr, &endptr, 0);
+ if ( ('\0' == *numstr)
+ || ('\0' != *endptr)
+ || (ERANGE == errno)
+- /*@+ignoresigns@*/
+- || (val != (unsigned long int)val)
+- /*@=ignoresigns@*/
+ ) {
+ return 0;
+ }
+
+- *result = (unsigned long int)val;
++ *result = val;
+ return 1;
+ }
+
+--
+2.1.4
+
diff --git a/debian/patches/series b/debian/patches/series
index ceb25e0..5679082 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,6 +5,7 @@
503_shadowconfig.8
008_login_log_failure_in_FTMP
301-CVE-2017-2616-su-properly-clear-child-PID.patch
+302-CVE-2016-6252-fix-integer-overflow.patch
429_login_FAILLOG_ENAB
401_cppw_src.dpatch
# 402 should be merged in 401, but should be reviewed by SE Linux experts first
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shadow/shadow.git
More information about the Pkg-shadow-devel
mailing list