Description of problem: chpasswd terminates with buffer overflow detection Version-Release number of selected component (if applicable): shadow-utils-4.0.17-12.el5 How reproducible: useradd foo; echo foo:password |chpasswd -m Steps to Reproduce: 1.useradd foo; echo foo:password |chpasswd -m 2. 3. Actual results: [root@inf01 ~]# useradd foo; echo foo:password |chpasswd -m *** buffer overflow detected ***: chpasswd terminated ======= Backtrace: ========= /lib/i686/nosegneg/libc.so.6(__chk_fail+0x41)[0x470eeac1] /lib/i686/nosegneg/libc.so.6[0x470edf77] chpasswd[0x804970b] /lib/i686/nosegneg/libc.so.6(__libc_start_main+0xdc)[0x47020dec] chpasswd[0x8049431] ======= Memory map: ======== 002cb000-002cc000 r-xp 002cb000 00:00 0 [vdso] 08048000-0804e000 r-xp 00000000 fd:00 1418748 /usr/sbin/chpasswd 0804e000-08050000 rwxp 00005000 fd:00 1418748 /usr/sbin/chpasswd 08aa2000-08ac3000 rwxp 08aa2000 00:00 0 46fee000-47007000 r-xp 00000000 fd:00 2000677 /lib/ld-2.5.so 47007000-47008000 r-xp 00018000 fd:00 2000677 /lib/ld-2.5.so 47008000-47009000 rwxp 00019000 fd:00 2000677 /lib/ld-2.5.so 4700b000-47145000 r-xp 00000000 fd:00 2000740 /lib/i686/nosegneg/libc-2.5.so 47145000-47147000 r-xp 0013a000 fd:00 2000740 /lib/i686/nosegneg/libc-2.5.so 47147000-47148000 rwxp 0013c000 fd:00 2000740 /lib/i686/nosegneg/libc-2.5.so 47148000-4714b000 rwxp 47148000 00:00 0 4714d000-4714f000 r-xp 00000000 fd:00 2000741 /lib/libdl-2.5.so 4714f000-47150000 r-xp 00001000 fd:00 2000741 /lib/libdl-2.5.so 47150000-47151000 rwxp 00002000 fd:00 2000741 /lib/libdl-2.5.so 471aa000-471bf000 r-xp 00000000 fd:00 2000758 /lib/libselinux.so.1 471bf000-471c1000 rwxp 00015000 fd:00 2000758 /lib/libselinux.so.1 471c3000-471fe000 r-xp 00000000 fd:00 2000757 /lib/libsepol.so.1 471fe000-471ff000 rwxp 0003a000 fd:00 2000757 /lib/libsepol.so.1 471ff000-47209000 rwxp 471ff000 00:00 0 47351000-47356000 r-xp 00000000 fd:00 2000764 /lib/libcrypt-2.5.so 47356000-47357000 r-xp 00004000 fd:00 2000764 /lib/libcrypt-2.5.so 47357000-47358000 rwxp 00005000 fd:00 2000764 /lib/libcrypt-2.5.so 47358000-4737f000 rwxp 47358000 00:00 0 4af56000-4af61000 r-xp 00000000 fd:00 1998850 /lib/libgcc_s-4.1.1-20070105.so.1 4af61000-4af62000 rwxp 0000a000 fd:00 1998850 /lib/libgcc_s-4.1.1-20070105.so.1 b7da4000-b7fa4000 r--p 00000000 fd:00 1413355 /usr/lib/locale/locale-archive b7fa4000-b7fa6000 rw-p b7fa4000 00:00 0 b7fab000-b7faf000 rw-p b7fab000 00:00 0 bfbfb000-bfc11000 rw-p bfbfb000 00:00 0 [stack] Aborted Expected results: changed password Additional info:
Created attachment 158963 [details] backport of a patch from 4.0.18.1
Engineering feedback: shadowutils don't qualify for FasTrack in 5.2 as changes are too intrusive.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0325.html