Bug 89145
Summary: | useradd uses uninitialized memory | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] Red Hat Raw Hide | Reporter: | Enrico Scholz <rh-bugzilla> | ||||||
Component: | shadow-utils | Assignee: | Peter Vrabec <pvrabec> | ||||||
Status: | CLOSED RAWHIDE | QA Contact: | David Lawrence <dkl> | ||||||
Severity: | medium | Docs Contact: | |||||||
Priority: | medium | ||||||||
Version: | 1.0 | CC: | barryn, chris.ricker, ldv, me, rdtennent, redhat-bugzilla, wtogami | ||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2005-04-11 11:27:22 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | |||||||||
Bug Blocks: | 100644 | ||||||||
Attachments: |
|
Description
Enrico Scholz
2003-04-18 12:05:47 UTC
Created attachment 91187 [details]
fixes usage of uninitialized 'user_groups' variable
http://www.fedora.us/pipermail/fedora-devel/2003-April/000972.html The combination of glibc-2.3.2 and libsafe causes this to segfault on RH9 and Mandrake 9.1. We didn't discover this before because libsafe and older glibc didn't trigger a segfault. I have confirmed that the segfault no longer happens on RH9 with this patch to shadow-utils. http://qa.mandrakesoft.com/show_bug.cgi?id=3781 Mandrake equivalent *** Bug 106218 has been marked as a duplicate of this bug. *** Can we please apply this to rawhide? This is still an issue in FC1. Could you look at shadow cvs from time to time, please: 2003-06-30 Tomasz Kloczko <kloczek.pl> * src/useradd.c, src/usermod.c: Added initializing memory in variables when get_groups() function is not called, and memory allocated for user_groups is not initialized (in both useradd and usermod when -G options is used and in usermod when -l option is used). That causing segfaults sometimes. This fix is importand but not critical because usermod and usermod aren't suid root. Problem reported and fixed by Alexey Voinov <voins>. I just noticed that nalin checked in the fix into CVS on January 7th for rawhide shadow-utils-4.0.3-17. Perhaps external contributors should review the SRPM to be safe. usermod.c hunk is missing in the shadow-4.0.3-uninitialized.patch from shadow-utils-4.0.3-17.src.rpm Created attachment 97144 [details]
shadow-4.0.0-alt-user_groups.patch
Arg... re-opening and bugging nalin... btw, shadow-utils 4.0.4.1 has been released which contains this fix already |