From 872b23525d4769dca3885e85be59ea0200648523 Mon Sep 17 00:00:00 2001 From: panxiaohe Date: Sat, 31 Oct 2020 14:14:21 +0800 Subject: [PATCH] Prevent SEGFAULT for unknown UID --- Prevent-SEGFAULT-for-unknown-UID.patch | 32 ++++++++++++++++++++++++++ pam.spec | 10 ++++---- 2 files changed, 38 insertions(+), 4 deletions(-) create mode 100644 Prevent-SEGFAULT-for-unknown-UID.patch diff --git a/Prevent-SEGFAULT-for-unknown-UID.patch b/Prevent-SEGFAULT-for-unknown-UID.patch new file mode 100644 index 0000000..0421523 --- /dev/null +++ b/Prevent-SEGFAULT-for-unknown-UID.patch @@ -0,0 +1,32 @@ +From e21fd1f344a67844925ab9a06b0f54299c94b56c Mon Sep 17 00:00:00 2001 +From: "Anton D. Kachalov" +Date: Tue, 29 Sep 2020 23:20:57 +0200 +Subject: [PATCH] Prevent SEGFAULT for unknown UID + +When running systemd service with DynamicUser being set, the dynamic UID +might be not mapped to user name (/etc/nsswitch.conf is not configured +with systemd nss module). + +The getuidname() routine might return NULL and this is not checked by callee. + +Signed-off-by: Anton D. Kachalov +--- + modules/pam_unix/unix_chkpwd.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c +index 15a1c2a..3931bab 100644 +--- a/modules/pam_unix/unix_chkpwd.c ++++ b/modules/pam_unix/unix_chkpwd.c +@@ -137,7 +137,7 @@ int main(int argc, char *argv[]) + user = getuidname(getuid()); + /* if the caller specifies the username, verify that user + matches it */ +- if (strcmp(user, argv[1])) { ++ if (user == NULL || strcmp(user, argv[1])) { + user = argv[1]; + /* no match -> permanently change to the real user and proceed */ + if (setuid(getuid()) != 0) +-- +1.8.3.1 + diff --git a/pam.spec b/pam.spec index ab17104..7e0e089 100644 --- a/pam.spec +++ b/pam.spec @@ -4,7 +4,7 @@ %define _pamconfdir %{_sysconfdir}/pam.d Name: pam Version: 1.4.0 -Release: 2 +Release: 3 Summary: Pluggable Authentication Modules for Linux License: BSD and GPLv2+ URL: http://www.linux-pam.org/ @@ -24,6 +24,7 @@ Patch2: fix-login-message.patch Patch3: Move-check_user_in_passwd-from-pam_localuser.c-to-pa.patch Patch4: pam_faillock-fix-build-on-musl.patch Patch5: pam_modutil_check_user_in_passwd-avoid-timing-attack.patch +Patch6: Prevent-SEGFAULT-for-unknown-UID.patch BuildRequires: autoconf automake libtool bison flex sed cracklib-devel BuildRequires: perl-interpreter pkgconfig gettext-devel libtirpc-devel libnsl2-devel @@ -169,10 +170,11 @@ fi %changelog +* Sat Oct 31 2020 panxiaohe - 1.4.0-3 +- Prevent SEGFAULT for unknown UID + * Fri Sep 25 2020 panxiaohe - 1.4.0-2 -- fix the following issue. - "Current password:" is repeated twice when executing the passwd - command as a normal user and the input password is wrong. +- backport some patches from upstream * Fri Jul 24 2020 Liquor - 1.4.0-1 - update to 1.4.0