From: nekral-guest Date: Mon, 18 Feb 2008 21:36:03 +0000 (+0000) Subject: Fix buffer overflow when adding an user to a group. Thanks to Peter Vrabec. X-Git-Tag: 4.1.1~55 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ed52b88b92c74cad5534b933ffe57543c2c28c29;p=thirdparty%2Fshadow.git Fix buffer overflow when adding an user to a group. Thanks to Peter Vrabec. --- diff --git a/ChangeLog b/ChangeLog index 9424dc803..26b8a465e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2008-02-18 Nicolas François + + * NEWS, src/groupmems.c: Fix buffer overflow when adding an user + to a group. Thanks to Peter Vrabec. + 2008-02-14 Nicolas François * NEWS, etc/useradd: Change the default HOME directory in diff --git a/NEWS b/NEWS index ff3056aa7..e10fbb8fb 100644 --- a/NEWS +++ b/NEWS @@ -19,6 +19,8 @@ shadow-4.1.0 -> shadow-4.1.1 UNRELEASED passwd entry, but no shadow entry. - groupadd * New option -p/--password to specify an encrypted password. +- groupmems + * Fix buffer overflow when adding an user to a group. Thanks to Peter Vrabec. - groupmod * New option -p/--password to specify an encrypted password. - grpck diff --git a/src/groupmems.c b/src/groupmems.c index 67cb77125..4852e8651 100644 --- a/src/groupmems.c +++ b/src/groupmems.c @@ -104,7 +104,7 @@ static void addtogroup (char *user, char **members) } } - members = (char **) realloc (members, sizeof (char *) * i); + members = (char **) realloc (members, sizeof (char *) * (i+2)); members[i] = user; members[i + 1] = NULL; }