Retiring certain usernames. #1

Closed
wants to merge 2 commits into from

@mhoye mhoye commented Mar 1, 2014

This patch retires some usernames from common use.

This patch retires the following usernames:

*  dmr - Dennis MacAlistair Ritchie (September 9, 1941 - October 12, 2011)
*  mrc - Mark Reed Crispin (July 19, 1956 - December 28, 2012)
*  jmc - John McCarthy (September 4, 1927 – October 24, 2011)
Cleanup the comments in the patch.
Contributor

nekral commented Mar 2, 2014

I don't think those 3 letters usernames should be forbidden.

@nekral nekral closed this Mar 2, 2014
Author

mhoye commented Mar 3, 2014

Really? Just like that?

hallyn pushed a commit that referenced this pull request Nov 25, 2016
cgzones added a commit to cgzones/shadow that referenced this pull request Jan 30, 2023
A crypt method needs to be specified before the rounds can be set:

    #0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse4_2.S:227
    #1  0x0000555555557755 in process_flags (argv=0x7fffffffe4d8, argc=3) at chgpasswd.c:188
    #2  main (argc=3, argv=0x7fffffffe4d8) at chgpasswd.c:427

    chgpasswd.c:188:42: warning: use of NULL where non-null expected [CWE-476] [-Wanalyzer-null-argument]
cgzones added a commit to cgzones/shadow that referenced this pull request Feb 28, 2023
A crypt method needs to be specified before the rounds can be set:

    #0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse4_2.S:227
    #1  0x0000555555557755 in process_flags (argv=0x7fffffffe4d8, argc=3) at chgpasswd.c:188
    #2  main (argc=3, argv=0x7fffffffe4d8) at chgpasswd.c:427

    chgpasswd.c:188:42: warning: use of NULL where non-null expected [CWE-476] [-Wanalyzer-null-argument]
cgzones added a commit to cgzones/shadow that referenced this pull request Mar 31, 2023
A crypt method needs to be specified before the rounds can be set:

    #0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse4_2.S:227
    #1  0x0000555555557755 in process_flags (argv=0x7fffffffe4d8, argc=3) at chgpasswd.c:188
    #2  main (argc=3, argv=0x7fffffffe4d8) at chgpasswd.c:427

    chgpasswd.c:188:42: warning: use of NULL where non-null expected [CWE-476] [-Wanalyzer-null-argument]
cgzones added a commit to cgzones/shadow that referenced this pull request Apr 1, 2023
Free the actual struct of the removed entry.

Example userdel report:

    Direct leak of 40 byte(s) in 1 object(s) allocated from:
        #0 0x55b230efe857 in reallocarray (./src/userdel+0xda857)
        #1 0x55b230f6041f in mallocarray ./lib/./alloc.h:97:9
        #2 0x55b230f6041f in commonio_open ./lib/commonio.c:563:7
        #3 0x55b230f39098 in open_files ./src/userdel.c:555:6
        #4 0x55b230f39098 in main ./src/userdel.c:1189:2
        #5 0x7f9b48c64189 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
cgzones added a commit to cgzones/shadow that referenced this pull request Apr 1, 2023
Destroying the handle does not actually disconnect, see [1].
Also free the key on user removal.

[1]: https://github.com/SELinuxProject/selinux/blob/e9072e7d45f4559887d11b518099135cbe564163/libsemanage/src/direct_api.c#L330

Example adduser leak:

    Direct leak of 1008 byte(s) in 14 object(s) allocated from:
        #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
        #1 0x7fb5cfffad09 in dbase_file_init src/database_file.c:170:45

    Direct leak of 392 byte(s) in 7 object(s) allocated from:
        #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
        #1 0x7fb5cfffc929 in dbase_policydb_init src/database_policydb.c:187:27

    Direct leak of 144 byte(s) in 2 object(s) allocated from:
        #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
        #1 0x7fb5cfffb519 in dbase_join_init src/database_join.c:249:28

    [...]
cgzones added a commit to cgzones/shadow that referenced this pull request Apr 11, 2023
A crypt method needs to be specified before the rounds can be set:

    #0  __strcmp_sse42 () at ../sysdeps/x86_64/multiarch/strcmp-sse4_2.S:227
    #1  0x0000555555557755 in process_flags (argv=0x7fffffffe4d8, argc=3) at chgpasswd.c:188
    #2  main (argc=3, argv=0x7fffffffe4d8) at chgpasswd.c:427

    chgpasswd.c:188:42: warning: use of NULL where non-null expected [CWE-476] [-Wanalyzer-null-argument]
hallyn pushed a commit that referenced this pull request Apr 26, 2023
Free the actual struct of the removed entry.

Example userdel report:

    Direct leak of 40 byte(s) in 1 object(s) allocated from:
        #0 0x55b230efe857 in reallocarray (./src/userdel+0xda857)
        #1 0x55b230f6041f in mallocarray ./lib/./alloc.h:97:9
        #2 0x55b230f6041f in commonio_open ./lib/commonio.c:563:7
        #3 0x55b230f39098 in open_files ./src/userdel.c:555:6
        #4 0x55b230f39098 in main ./src/userdel.c:1189:2
        #5 0x7f9b48c64189 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
hallyn pushed a commit that referenced this pull request Apr 26, 2023
Destroying the handle does not actually disconnect, see [1].
Also free the key on user removal.

[1]: https://github.com/SELinuxProject/selinux/blob/e9072e7d45f4559887d11b518099135cbe564163/libsemanage/src/direct_api.c#L330

Example adduser leak:

    Direct leak of 1008 byte(s) in 14 object(s) allocated from:
        #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
        #1 0x7fb5cfffad09 in dbase_file_init src/database_file.c:170:45

    Direct leak of 392 byte(s) in 7 object(s) allocated from:
        #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
        #1 0x7fb5cfffc929 in dbase_policydb_init src/database_policydb.c:187:27

    Direct leak of 144 byte(s) in 2 object(s) allocated from:
        #0 0x5638f2e782ae in __interceptor_malloc (./src/useradd+0xee2ae)
        #1 0x7fb5cfffb519 in dbase_join_init src/database_join.c:249:28

    [...]
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Jun 25, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

The proposed commit is a try to fix the reported issues.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Jun 25, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

The proposed commit is a try to fix the reported issues
by adding a check for a valid user or group names.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Jun 25, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

The proposed commit is a try to fix the reported issues.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Oct 14, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

The proposed commit is a try to fix the reported issues.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Oct 14, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

The proposed commit is a try to fix the reported issues.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Oct 14, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

This commit is the first approach to fix the reported issues.
The proposed changes add conditions verifying size of passed arguments
for users and groups names.
This will not fix the coverity reports, but the change causes
that they are irrelevant and could be ignored.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Oct 14, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

This commit is the first approach to fix the reported issues.
The proposed changes add conditions, which verify
the user and group names arguments, including their sizes.
This will not fix the coverity reports, but the change causes
that they are irrelevant and could be ignored.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Oct 14, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

This commit is the first approach to fix the reported issues.
The proposed changes add conditions, which verify
the user and group names arguments, including their lengths.
This will not silence the coverity reports, but the change causes
that they are irrelevant and could be ignored.
MarcinDigitic added a commit to MarcinDigitic/shadow that referenced this pull request Oct 16, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

This commit is the first approach to fix the reported issues.
The proposed changes add conditions, which verify
the user and group names arguments, including their lengths.
This will not silence the coverity reports, but the change causes
that they are irrelevant and could be ignored.
alejandro-colomar pushed a commit that referenced this pull request Oct 22, 2024
During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

This commit is the first approach to fix the reported issues.
The proposed changes add conditions, which verify
the user and group names arguments, including their lengths.
This will not silence the coverity reports, but the change causes
that they are irrelevant and could be ignored.
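
The kind of check the commit message above describes (verifying a user or group name argument, including its length, before it reaches syslog), as an added example; it is not the code from the shadow commit. The name policy, the `NAME_ARG_MAX` bound and the helper names `name_arg_ok` and `log_shell_change` are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <syslog.h>

#define NAME_ARG_MAX 32 /* assumed upper bound for this example */

/* Accept only [a-z_][a-z0-9_-]*, 1..NAME_ARG_MAX bytes (example policy).
 * The scan gives up at byte NAME_ARG_MAX + 1, so an oversized argv string
 * is rejected without walking its full length. */
static bool name_arg_ok(const char *s)
{
	size_t i;

	if (s == NULL || s[0] == '\0')
		return false;
	for (i = 0; s[i] != '\0'; i++) {
		char c = s[i];
		bool first_ok = (c >= 'a' && c <= 'z') || c == '_';
		bool rest_ok = (c >= '0' && c <= '9') || c == '-';

		if (i >= NAME_ARG_MAX)
			return false; /* longer than the bound */
		if (!(first_ok || (i > 0 && rest_ok)))
			return false; /* newline, quote, control byte, ... */
	}
	return true;
}

/* Hypothetical wrapper: the tainted argument is logged only after the check,
 * so the log line's size and content are bounded by the policy above. */
static int log_shell_change(const char *user, const char *loginsh)
{
	if (!name_arg_ok(user))
		return -1;
	syslog(LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh);
	return 0;
}

int main(void)
{
	/* Constructed sample arguments, not taken from the page. */
	const char *samples[] = { "alice", "_svc-01", "", "bob\nroot", "Alice", "1abc" };

	for (size_t k = 0; k < sizeof samples / sizeof *samples; k++)
		printf("arg %zu -> %s\n", k, name_arg_ok(samples[k]) ? "accepted" : "rejected");
	return 0;
}
```

Rejecting the argument before the call also keeps embedded newlines and quotes out of the log line, which a length check alone would not.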