[Pkg-shadow-devel] Bug#1032393: Bug#1032393: [PATCH v2 2/2] debian/control: Add libbsd-dev and pkg-config
Paul Eggert
eggert at cs.ucla.edu
Sat Mar 11 19:29:29 GMT 2023
I looked into this, and five of the shadow package's six uses of strlcpy
are wrong, i.e., they are associated with silent truncation or buffer
overrun/underrun or dereferencing NULL in nearby code. This isn't
surprising, as strlcpy is commonly used in code that has been
slapdashedly hacked to try to make it safer, and in my experience code
that has been modified in that way is usually wrong.
Proposed patches attached.
Although there is one correct use of strlcpy, the correct use (in
sgetsgent) is equivalent to memcpy so there is no need for strlcpy there
(see patch 0002).
Attached patches (non-text attachments scrubbed by the archive; each is text/x-patch):
- 0001-Fix-undefined-behavior-in-change_field.patch (1144 bytes) <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20230311/86d10dc2/attachment.bin>
- 0002-Prefer-memcpy-to-strlcpy-when-either-works.patch (785 bytes) <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20230311/86d10dc2/attachment-0001.bin>
- 0003-Avoid-silent-truncation-of-console-file-data.patch (2311 bytes) <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20230311/86d10dc2/attachment-0002.bin>
- 0004-Fix-crash-with-large-timestamps.patch (1251 bytes) <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20230311/86d10dc2/attachment-0003.bin>
- 0005-Fix-is_my_tty-overruns-and-truncations.patch (2765 bytes) <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20230311/86d10dc2/attachment-0004.bin>
- 0006-Fix-su-silent-truncation.patch (1337 bytes) <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20230311/86d10dc2/attachment-0005.bin>
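As an added illustration (not part of Paul's message or of the shadow source), the C below shows the silent-truncation failure mode the message describes and the two alternatives it argues for: checking strlcpy's return value instead of dropping it, and plain memcpy when the caller already knows the length fits. The names local_strlcpy, copy_field_silent, copy_field_checked and copy_known_len are hypothetical; strlcpy is reimplemented locally with BSD semantics so the block runs on a libc that lacks it.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Local reimplementation of BSD strlcpy (assumption: the platform may
 * lack it). Returns strlen(src); a result >= dstsize means the copy was
 * truncated, which callers must check for themselves. */
static size_t local_strlcpy(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);
    if (dstsize != 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* The pattern the message warns about: the return value is dropped, so
 * an over-long input is silently cut to fit and nothing reports it. */
static void copy_field_silent(char *dst, size_t dstsize, const char *src)
{
    (void) local_strlcpy(dst, src, dstsize);
}

/* Checked variant: reject rather than truncate. Returns true on success,
 * false (leaving dst empty) if src would not fit. */
static bool copy_field_checked(char *dst, size_t dstsize, const char *src)
{
    if (dstsize == 0)
        return false;
    if (local_strlcpy(dst, src, dstsize) >= dstsize) {
        dst[0] = '\0';
        return false;
    }
    return true;
}

/* When the caller already knows len < dstsize (e.g. from a preceding
 * scan for the field delimiter), memcpy plus an explicit terminator is
 * equivalent to strlcpy and keeps the bound visible at the call site. */
static void copy_known_len(char *dst, const char *src, size_t len)
{
    memcpy(dst, src, len);
    dst[len] = '\0';
}
```

With a constructed 8-byte buffer and the input "/dev/ttyS0", the silent variant yields the wrong device name "/dev/tt" without any error, while the checked variant refuses the copy.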