From cbdf9c8e3aee059591e3288794f7ae49d6d86556 Mon Sep 17 00:00:00 2001 From: Michal Hlavinka Date: Tue, 15 Jul 2025 17:19:17 +0200 Subject: [PATCH] do not crash when missing action argument (RHEL-102581) Resolves: RHEL-102581 --- usermode-1.114-fixnoargs.patch | 16 ++++++++++++++++ usermode.spec | 9 ++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) create mode 100644 usermode-1.114-fixnoargs.patch diff --git a/usermode-1.114-fixnoargs.patch b/usermode-1.114-fixnoargs.patch new file mode 100644 index 0000000..9c8a7e2 --- /dev/null +++ b/usermode-1.114-fixnoargs.patch @@ -0,0 +1,16 @@ +diff -up usermode-1.114-build/usermode-1.114/userhelper.c.fixnoargs usermode-1.114-build/usermode-1.114/userhelper.c +--- usermode-1.114-build/usermode-1.114/userhelper.c.fixnoargs 2025-07-09 00:13:58.800352637 +0200 ++++ usermode-1.114-build/usermode-1.114/userhelper.c 2025-07-09 00:13:58.814677097 +0200 +@@ -2397,6 +2397,12 @@ main(int argc, char **argv) + exit(ERR_INVALID_CALL); + } + ++ if (!SHELL_FLAGS && !c_flag && !w_flag) { ++ debug_msg("userhelper: invalid call: " ++ "missing action argument\n"); ++ exit(ERR_INVALID_CALL); ++ } ++ + /* Determine which conversation function to use. */ + if (t_flag) { + /* We were told to use text mode. */ diff --git a/usermode.spec b/usermode.spec index 1403723..c185388 100644 --- a/usermode.spec +++ b/usermode.spec @@ -9,13 +9,16 @@ Summary: Tools for certain user account management tasks Name: usermode Version: 1.114 -Release: 12%{?dist} +Release: 13%{?dist} License: GPL-2.0-or-later URL: https://pagure.io/%{name}/ Source: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.xz Source1: config-util # do not free environ as glibc may want to do that, RHEL-73769 Patch2: usermode-1.114-fixfree.patch + +# sent upstream, for <= 1.114, RHEL-90414 +Patch3: usermode-1.114-fixnoargs.patch Requires: pam, passwd, util-linux # https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/IJFYI5Q2BYZKIGDFS2WLOBDUSEGWHIKV/ BuildRequires: make @@ -56,6 +59,7 @@ graphical tools for certain account management tasks. %prep %setup -q %patch -P 2 -p1 -b .fixfree +%patch -P 3 -p2 -b .fixnoargs %build %configure --with-selinux --without-fexecve %{!?with_gtk:--without-gtk} @@ -116,6 +120,9 @@ done %endif %changelog +* Tue Jul 15 2025 Michal Hlavinka - 1.114-13 +- do not crash when missing action argument (RHEL-102581) + * Wed Jan 22 2025 Michal Hlavinka - 1.114-12 - do not (double) free environ as glibc may want to do that (RHEL-73769)