Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:cahu:security:SELinux:fixleapbuild
shadow
shadow-CVE-2023-29383.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File shadow-CVE-2023-29383.patch of Package shadow
Index: shadow-4.8.1/lib/fields.c =================================================================== --- shadow-4.8.1.orig/lib/fields.c +++ shadow-4.8.1/lib/fields.c @@ -44,9 +44,9 @@ * * The supplied field is scanned for non-printable and other illegal * characters. - * + -1 is returned if an illegal character is present. - * + 1 is returned if no illegal characters are present, but the field - * contains a non-printable character. + * + -1 is returned if an illegal or control character is present. + * + 1 is returned if no illegal or control characters are present, + * but the field contains a non-printable character. * + 0 is returned otherwise. */ int valid_field (const char *field, const char *illegal) @@ -60,23 +60,22 @@ int valid_field (const char *field, cons /* For each character of field, search if it appears in the list * of illegal characters. */ + if (illegal && NULL != strpbrk (field, illegal)) { + return -1; + } + + /* Search if there are non-printable or control characters */ for (cp = field; '\0' != *cp; cp++) { - if (strchr (illegal, *cp) != NULL) { + unsigned char c = *cp; + if (!isprint (c)) { + err = 1; + } + if (iscntrl (c)) { err = -1; break; } } - if (0 == err) { - /* Search if there are some non-printable characters */ - for (cp = field; '\0' != *cp; cp++) { - if (!isprint (*cp)) { - err = 1; - break; - } - } - } - return err; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor