rpms/usermode
6
0
Fork 0
Code Issues Pull Requests Releases Activity

do not crash when missing action argument (RHEL-90414)

Browse Source 
Resolves: RHEL-90414
This commit is contained in:
Michal Hlavinka 2025-07-09 10:53:34 +02:00
parent 5033378421
commit f58a3562cc
2 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
usermode-1.114-fixnoargs.patch Normal file
View File

@ -0,0 +1,16 @@
diff -up usermode-1.114-build/usermode-1.114/userhelper.c.fixnoargs usermode-1.114-build/usermode-1.114/userhelper.c
--- usermode-1.114-build/usermode-1.114/userhelper.c.fixnoargs 2025-07-09 00:13:58.800352637 +0200
+++ usermode-1.114-build/usermode-1.114/userhelper.c 2025-07-09 00:13:58.814677097 +0200
@@ -2397,6 +2397,12 @@ main(int argc, char **argv)
exit(ERR_INVALID_CALL);
}
+ if (!SHELL_FLAGS && !c_flag && !w_flag) {
+ debug_msg("userhelper: invalid call: "
+ "missing action argument\n");
+ exit(ERR_INVALID_CALL);
+ }
+
/* Determine which conversation function to use. */
if (t_flag) {
/* We were told to use text mode. */

9
usermode.spec
View File

@ -4,7 +4,7 @@
Summary: Tools for certain user account management tasks
Name: usermode
Version: 1.114
Release: 6%{?dist}
Release: 7%{?dist}
License: GPLv2+
URL: https://pagure.io/%{name}/
Source: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.xz
@ -12,6 +12,9 @@ Source1: config-util
Patch1: usermode-1.114-fix_sast.patch
# do not free environ as glibc may want to do that, RHEL-76332
Patch2: usermode-1.114-fixfree.patch
# sent upstream, for <= 1.114, RHEL-90414
Patch3: usermode-1.114-fixnoargs.patch
Requires: pam, passwd, util-linux
# https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/IJFYI5Q2BYZKIGDFS2WLOBDUSEGWHIKV/
BuildRequires: make
@ -53,6 +56,7 @@ graphical tools for certain account management tasks.
%setup -q
%patch -P 1 -p1 -b .fix_sast
%patch -P 2 -p1 -b .fixfree
%patch -P 3 -p2 -b .fixnoargs
%build
%configure --with-selinux --without-fexecve %{!?with_gtk:--without-gtk}
@ -113,6 +117,9 @@ done
%endif
%changelog
* Wed Jul 09 2025 Michal Hlavinka <mhlavink@redhat.com> - 1.114-7
- do not crash when missing action argument (RHEL-90414)
* Mon Jan 27 2025 Michal Hlavinka <mhlavink@redhat.com> - 1.114-6
- do not (double) free environ as glibc may want to do that (RHEL-76332)