| blob | eb9ad80a2a3b08d4db9d78ced484531c9122e790 |
1 Goal: Input sanitization for chfn and chsh
3 Fixes: CVE-2011-0721
5 Status wrt upstream: Already applied upstream (4.1.4.3)
7 --- a/src/chfn.c
8 +++ b/src/chfn.c
9 @@ -551,14 +551,14 @@
10 static void check_fields (void)
11 {
12 int err;
13 - err = valid_field (fullnm, ":,=");
14 + err = valid_field (fullnm, ":,=\n");
15 if (err > 0) {
16 fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm);
17 } else if (err < 0) {
18 fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm);
19 fail_exit (E_NOPERM);
20 }
21 - err = valid_field (roomno, ":,=");
22 + err = valid_field (roomno, ":,=\n");
23 if (err > 0) {
24 fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno);
25 } else if (err < 0) {
26 @@ -566,17 +566,17 @@
27 Prog, roomno);
28 fail_exit (E_NOPERM);
29 }
30 - if (valid_field (workph, ":,=") != 0) {
31 + if (valid_field (workph, ":,=\n") != 0) {
32 fprintf (stderr, _("%s: invalid work phone: '%s'\n"),
33 Prog, workph);
34 fail_exit (E_NOPERM);
35 }
36 - if (valid_field (homeph, ":,=") != 0) {
37 + if (valid_field (homeph, ":,=\n") != 0) {
38 fprintf (stderr, _("%s: invalid home phone: '%s'\n"),
39 Prog, homeph);
40 fail_exit (E_NOPERM);
41 }
42 - err = valid_field (slop, ":");
43 + err = valid_field (slop, ":\n");
44 if (err > 0) {
45 fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop);
46 } else if (err < 0) {
47 --- a/src/chsh.
48 +++ b/src/chsh.c
49 @@ -528,7 +528,7 @@
50 * users are restricted to using the shells in /etc/shells.
51 * The shell must be executable by the user.
52 */
53 - if (valid_field (loginsh, ":,=") != 0) {
54 + if (valid_field (loginsh, ":,=\n") != 0) {
55 fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh);
56 fail_exit (1);
57 }