From: Samanta Navarro <ferivoz@riseup.net>
Date: Thu, 18 Jan 2024 11:53:41 +0000 (+0000)
Subject: src/sulogin.c: Free previously allocated memory
X-Git-Tag: 4.15.0-rc1~30
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4d835c7ea462a5a35ea1d9d06a3cf8a629880730;p=thirdparty%2Fshadow.git

src/sulogin.c: Free previously allocated memory

The sulogin program calls pw_entry in a loop while incorrect root
passwords are entered.

Free the previously allocated memory to avoid memory exhaustion.

Co-developed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
---

diff --git a/src/sulogin.c b/src/sulogin.c
index ab2dcf941..6633dd5d9 100644
--- a/src/sulogin.c
+++ b/src/sulogin.c
@@ -199,22 +199,29 @@ pw_entry(const char *name, struct passwd *pwent)
 	struct passwd  *passwd;
 
 	if (!(passwd = getpwnam(name))) {  /* local, no need for xgetpwnam */
+		free(pwent->pw_name);
 		pwent->pw_name = NULL;
 		return;
 	}
 
+	free(pwent->pw_name);
 	pwent->pw_name = xstrdup(passwd->pw_name);
 	pwent->pw_uid = passwd->pw_uid;
 	pwent->pw_gid = passwd->pw_gid;
+	free(pwent->pw_gecos);
 	pwent->pw_gecos = xstrdup(passwd->pw_gecos);
+	free(pwent->pw_dir);
 	pwent->pw_dir = xstrdup(passwd->pw_dir);
+	free(pwent->pw_shell);
 	pwent->pw_shell = xstrdup(passwd->pw_shell);
 #if !defined(AUTOSHADOW)
 	/* local, no need for xgetspnam */
 	if ((spwd = getspnam(name))) {
+		free(pwent->pw_passwd);
 		pwent->pw_passwd = xstrdup(spwd->sp_pwdp);
 		return;
 	}
 #endif
+	free(pwent->pw_passwd);
 	pwent->pw_passwd = xstrdup(passwd->pw_passwd);
 }