shadow-utils/shadow-4.1.4.2-underflow.patch
Peter Vrabec 59e397ee42 - fix integer underflow in faillog (#603683)
- use preferred GID for reserved static IDs
2010-06-14 11:15:21 +00:00

44 lines
1.6 KiB
Diff

diff -up shadow-4.1.4.2/src/faillog.c.overflow shadow-4.1.4.2/src/faillog.c
--- shadow-4.1.4.2/src/faillog.c.overflow 2010-06-14 10:40:28.023030897 +0200
+++ shadow-4.1.4.2/src/faillog.c 2010-06-14 10:53:10.884034750 +0200
@@ -106,8 +106,8 @@ static void print_one (/*@null@*/const s
return;
}
- offset = pw->pw_uid * sizeof (fl);
- if (offset <= (statbuf.st_size - sizeof (fl))) {
+ offset = (off_t) pw->pw_uid * sizeof (fl);
+ if (offset + sizeof (fl) <= statbuf.st_size) {
/* fseeko errors are not really relevant for us. */
int err = fseeko (fail, offset, SEEK_SET);
assert (0 == err);
@@ -206,8 +206,8 @@ static bool reset_one (uid_t uid)
off_t offset;
struct faillog fl;
- offset = uid * sizeof (fl);
- if (offset <= (statbuf.st_size - sizeof (fl))) {
+ offset = (off_t) uid * sizeof (fl);
+ if (offset + sizeof (fl) <= statbuf.st_size) {
/* fseeko errors are not really relevant for us. */
int err = fseeko (fail, offset, SEEK_SET);
assert (0 == err);
@@ -294,7 +294,7 @@ static bool setmax_one (uid_t uid, int m
struct faillog fl;
offset = (off_t) uid * sizeof (fl);
- if (offset <= (statbuf.st_size - sizeof (fl))) {
+ if (offset + sizeof (fl) <= statbuf.st_size) {
/* fseeko errors are not really relevant for us. */
int err = fseeko (fail, offset, SEEK_SET);
assert (0 == err);
@@ -385,7 +385,7 @@ static bool set_locktime_one (uid_t uid,
struct faillog fl;
offset = (off_t) uid * sizeof (fl);
- if (offset <= (statbuf.st_size - sizeof (fl))) {
+ if (offset + sizeof (fl) <= statbuf.st_size) {
/* fseeko errors are not really relevant for us. */
int err = fseeko (fail, offset, SEEK_SET);
assert (0 == err);