Your message dated Tue, 16 Dec 2014 11:49:07 +0000
with message-id <[email protected]>
and subject line Bug#721737: fixed in nis 3.17-34
has caused the Debian Bug report #721737,
regarding nis: segfault in yppasswd when using shadow
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
721737: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721737
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: nis
Version: 3.17-32
Severity: normal

I might have something in my NIS configuration that is displaying this bug, but 
I think it is a bug whether or not that is the case.
On line 410 of yppasswd.c, crypt() is run, with the salt parameter that is only 
checked to be one character long.
If a length=1 string is passed in as the salt, crypt returns null, which then 
crashes in the strncmp.

Arguably, this might be better fixed inside crypt(), though I don't know enough 
to know the consequences of that.

Here is the fix for nis that will work around this issue:
--- nis-3.17.orig/yp-tools-2.9/src/yppasswd.c   2013-09-03 12:08:35.000000000 
-0400
+++ ./yppasswd.c        2013-09-03 12:07:30.000000000 -0400
@@ -406,7 +406,7 @@
       return 0;
     }
 
-  if (pwd->pw_passwd[0]
+  if (pwd->pw_passwd[0] && pwd->pw_passwd[1]
       && !strncmp (pwd->pw_passwd, crypt (pwdstr, pwd->pw_passwd), 13)
       && uid)
     {
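
Review bot: in the changed condition, the value returned by crypt (pwdstr, pwd->pw_passwd) still goes straight into strncmp, so the added pw_passwd[1] test only rules out the one-character case; if crypt() returns NULL for any longer pw_passwd that it rejects, the same crash remains. Suggest calling crypt() once into a local pointer and requiring it to be non-NULL before the comparison, rather than guarding on the field length alone. The fixed length of 13 in strncmp also means only the first 13 characters are compared when the stored hash is longer, which deserves a comment or a full-string compare.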

In my case, the pwd->pw_passwd is "x", I think because yp doesn't have access 
to my current password because I am not root.


-- Package-specific info:

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.9-1-amd64 (SMP w/24 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=ANSI_X3.4-1968) 
(ignored: LC_ALL set to C)
Shell: /bin/sh linked to /bin/dash

Versions of packages nis depends on:
ii  debconf [debconf-2.0]  1.5.50
ii  hostname               3.13
ii  libc6                  2.17-92
ii  libdbus-1-3            1.6.12-1
ii  libdbus-glib-1-2       0.100.2-1
ii  libgdbm3               1.8.3-12
ii  libglib2.0-0           2.36.4-1
ii  libslp1                1.2.1-9
ii  lsb-base               4.1+Debian12
ii  make                   3.81-8.2
ii  netbase                5.1
ii  rpcbind [portmap]      0.2.0-8.1

nis recommends no packages.

Versions of packages nis suggests:
pn  nscd  <none>

-- debconf information excluded

--- End Message ---
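
The failure mode in the report above, as an added example that is not part of the original report or of the nis source: a password check that treats a NULL result from the hash function as "cannot compare" instead of handing it to a string comparison. The names hash_fn, fake_crypt and password_matches are hypothetical, and fake_crypt is a constructed stand-in for crypt(), not a real hash.

```c
#include <stdio.h>
#include <string.h>

/* Same signature as crypt(3), so the real function can be passed in. */
typedef char *(*hash_fn)(const char *key, const char *salt);

/* Constructed stand-in for crypt(3), NOT a real hash. It returns NULL for a
   salt shorter than two characters (the case in the report) and, as an
   added assumption, for salt characters outside [a-zA-Z0-9./]. Otherwise it
   returns the two salt characters plus up to 11 characters of the key. */
static char *fake_crypt(const char *key, const char *salt)
{
    static const char ok[] =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
    static char out[14];

    if (strlen(salt) < 2 || !strchr(ok, salt[0]) || !strchr(ok, salt[1]))
        return NULL;
    snprintf(out, sizeof out, "%.2s%.11s", salt, key);
    return out;
}

/* Returns 1 on match, 0 on mismatch, -1 when the stored field cannot be
   used for a comparison (empty, or rejected by the hash function). */
int password_matches(hash_fn hash, const char *key, const char *stored)
{
    char *h;

    if (stored == NULL || stored[0] == '\0')
        return -1;
    h = hash(key, stored);
    if (h == NULL)            /* e.g. the "x" shadow placeholder */
        return -1;
    return strcmp(h, stored) == 0;   /* whole string, not a 13-byte prefix */
}

int main(void)
{
    /* Constructed sample values for the stored password field. */
    const char *fields[] = { "x", "!!", "absecret", "" };
    for (size_t i = 0; i < sizeof fields / sizeof fields[0]; i++)
        printf("%-10s -> %d\n", fields[i],
               password_matches(fake_crypt, "secret", fields[i]));
    return 0;
}
```

To use the real library function, pass crypt from <crypt.h> as the first argument and link with -lcrypt.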
--- Begin Message ---
Source: nis
Source-Version: 3.17-34

We believe that the bug you reported is fixed in the latest version of
nis, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mark Brown <[email protected]> (supplier of updated nis package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 13 Dec 2014 11:20:12 +0000
Source: nis
Binary: nis
Architecture: source amd64
Version: 3.17-34
Distribution: unstable
Urgency: medium
Maintainer: Mark Brown <[email protected]>
Changed-By: Mark Brown <[email protected]>
Description:
 nis        - clients and daemons for the Network Information Service (NIS)
Closes: 721737
Changes:
 nis (3.17-34) unstable; urgency=medium
 .
   * Make sure both characters in the salt are present before calling
     crypt() rather than just the first in yppasswd fixing operation
     with shadow passwords after a change in the behaviour of crypt()
     with invalid salts (closes: #721737).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

-----END PGP SIGNATURE-----

--- End Message ---
