shadow: add patch for CVE-2016-6252

this commit adds CVE-2016-6252.patch taken commit 1d5a926cc2d6078d23a96222b1ef3e558724dad1 which fixes the corresponding security issue. Closes: #5822 [via git-merge-pr]
2017-02-25 10:03:13 +01:00 · 2017-02-25 10:03:13 +01:00 · 0e9b60638f
commit 0e9b60638f
parent 05354bdefd
2 changed files with 29 additions and 1 deletions
--- a/srcpkgs/shadow/patches/CVE-2016-6252.patch
+++ b/srcpkgs/shadow/patches/CVE-2016-6252.patch
@ -0,0 +1,28 @@
+--- lib/getulong.c
+++ lib/getulong.c
+@@ -44,22 +44,19 @@
+  */
+ int getulong (const char *numstr, /*@out@*/unsigned long int *result)
+ {
+-	long long int val;
+	unsigned long int val;
+ 	char *endptr;
+ 
+ 	errno = 0;
+-	val = strtoll (numstr, &endptr, 0);
+	val = strtoul (numstr, &endptr, 0);
+ 	if (    ('\0' == *numstr)
+ 	     || ('\0' != *endptr)
+ 	     || (ERANGE == errno)
+-	     /*@+ignoresigns@*/
+-	     || (val != (unsigned long int)val)
+-	     /*@=ignoresigns@*/
+ 	   ) {
+ 		return 0;
+ 	}
+ 
+-	*result = (unsigned long int)val;
+	*result = val;
+ 	return 1;
+ }
+ 
--- a/srcpkgs/shadow/template
+++ b/srcpkgs/shadow/template
@ -1,7 +1,7 @@
 # Template file for 'shadow'
 pkgname=shadow
 version=4.2.1
-revision=14
+revision=15
 build_style=gnu-configure
 configure_args="--bindir=/usr/bin --sbindir=/usr/bin
 --libdir=/usr/lib --enable-shared --disable-static