diff options
Diffstat (limited to 'main/busybox/0001-adduser-prevent-creation-from-invalid-entry-without-.patch')
-rw-r--r-- | main/busybox/0001-adduser-prevent-creation-from-invalid-entry-without-.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/main/busybox/0001-adduser-prevent-creation-from-invalid-entry-without-.patch b/main/busybox/0001-adduser-prevent-creation-from-invalid-entry-without-.patch deleted file mode 100644 index 0bca3b7b514..00000000000 --- a/main/busybox/0001-adduser-prevent-creation-from-invalid-entry-without-.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 8f0f1d6c9315d10dacdb26ff6cc9059a7a565eb3 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?S=C3=B6ren=20Tempel?= <soeren+git@soeren-tempel.net> -Date: Sat, 12 Jan 2019 00:01:34 +0100 -Subject: [PATCH] adduser: prevent creation from invalid entry without -s - -If -s is not specified adduser uses get_shell_name() to determine the -shell it should use for the newly created user. If SHELL is not set this -function uses getpwnam(3) to determine the shell of the current user and -returns that. - -getpwnam(3) uses static storage and is called again in passwd_study() -overwriting the memory location get_shell_name() returned a pointer to. -Thereby potentially creating an entry with an invalid shell. - -To fix this xstrdup() the return value of get_shell_name(). This -approach is also used by crond, ifupdown and svlogd. ---- - loginutils/adduser.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/loginutils/adduser.c b/loginutils/adduser.c -index b2b5be5b3..7e5a85c33 100644 ---- a/loginutils/adduser.c -+++ b/loginutils/adduser.c -@@ -198,7 +198,7 @@ int adduser_main(int argc UNUSED_PARAM, char **argv) - - pw.pw_gecos = (char *)"Linux User,,,"; - /* We assume that newly created users "inherit" root's shell setting */ -- pw.pw_shell = (char *)get_shell_name(); -+ pw.pw_shell = xstrdup(get_shell_name()); - pw.pw_dir = NULL; - - opts = getopt32long(argv, "^" |