From: Alejandro Colomar <alx@kernel.org>
Date: Fri, 17 May 2024 00:15:15 +0000 (+0200)
Subject: src/usermod.c: update_gshadow_file(): Fix RESOURCE_LEAK (CWE-772)
X-Git-Tag: 4.15.2~21
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=71a3238b7996285fc3c8dec841244ba95d663fa5;p=thirdparty%2Fshadow.git

src/usermod.c: update_gshadow_file(): Fix RESOURCE_LEAK (CWE-772)

Report:
> shadow-4.15.0/src/usermod.c:864:3: alloc_fn: Storage is returned from allocation function "__sgr_dup".
> shadow-4.15.0/src/usermod.c:864:3: var_assign: Assigning: "nsgrp" = storage returned from "__sgr_dup(sgrp)".
> shadow-4.15.0/src/usermod.c:964:1: leaked_storage: Variable "nsgrp" going out of scope leaks the storage it points to.
> 962|                   free (nsgrp);
> 963|           }
> 964|-> }
> 965|   #endif                                /* SHADOWGRP */
> 966|

Link: https://issues.redhat.com/browse/RHEL-35383
Reported-by: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
---

diff --git a/src/usermod.c b/src/usermod.c
index e0cfdd837..bb5d35355 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -921,9 +921,8 @@ update_gshadow_file(void)
 			SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'",
 			         user_newname, nsgrp->sg_name));
 		}
-		if (!changed) {
-			continue;
-		}
+		if (!changed)
+			goto free_nsgrp;
 
 		changed = false;
 
@@ -939,6 +938,7 @@ update_gshadow_file(void)
 			fail_exit (E_GRP_UPDATE);
 		}
 
+free_nsgrp:
 		free (nsgrp);
 	}
 }