git.ipfire.org Git - thirdparty/shadow.git/commit

author	Marcin Nowakowski <marcin.w.nowakowski@gmail.com>
	Tue, 25 Jun 2024 07:45:33 +0000 (09:45 +0200)
committer	Alejandro Colomar <alx@kernel.org>
	Tue, 22 Oct 2024 13:31:19 +0000 (15:31 +0200)
commit	326889ca81bb0ed9b499bb06b710be7e4eaf3c65
tree	e07eac47da0e4b2f72cb4829bd5fe845e6689c88	tree \| snapshot
parent	afc4b574b7372e72cffb695214bc08e1a6a86a75	commit \| diff

Fix coverity unbound buffer issues

During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

1. string_size_argv: argv contains strings with unknown size.
int main (int argc, char **argv)
[...]
4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

This commit is the first approach to fix the reported issues.
The proposed changes add conditions, which verify
the user and group names arguments, including their lengths.
This will not silence the coverity reports, but the change causes
that they are irrelevant and could be ignored.

src/chfn.c		diff \| blob \| blame \| history
src/chsh.c		diff \| blob \| blame \| history
src/newgrp.c		diff \| blob \| blame \| history
src/passwd.c		diff \| blob \| blame \| history