From: Michael Vetter <jubalh@iodoru.org>
Date: Mon, 11 Nov 2019 12:10:51 +0000 (+0100)
Subject: useradd: check for valid shell argument
X-Git-Tag: 4.8~8^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F187%2Fhead;p=thirdparty%2Fshadow.git

useradd: check for valid shell argument

Check whether shell argument given with `-s` is actually present and executable.
And is not a directory.

Fix https://github.com/shadow-maint/shadow/issues/186
---

diff --git a/src/useradd.c b/src/useradd.c
index e074844d0..16af77f2e 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -1094,6 +1094,7 @@ static void process_flags (int argc, char **argv)
 	const struct group *grp;
 	bool anyflag = false;
 	char *cp;
+	struct stat st;
 
 	{
 		/*
@@ -1310,7 +1311,10 @@ static void process_flags (int argc, char **argv)
 				if (   ( !VALID (optarg) )
 				    || (   ('\0' != optarg[0])
 				        && ('/'  != optarg[0])
-				        && ('*'  != optarg[0]) )) {
+				        && ('*'  != optarg[0]) )
+				    || (stat(optarg, &st) != 0)
+				    || (S_ISDIR(st.st_mode))
+				    || (access(optarg, X_OK != 0))) {
 					fprintf (stderr,
 					         _("%s: invalid shell '%s'\n"),
 					         Prog, optarg);