From 2771f79232c273bc2a57d23bf335dd81ccf6af28 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Sun, 5 Dec 2021 02:47:11 +0000
Subject: gentoo resync : 05.12.2021

---
 .../shadow/files/shadow-4.9-configure-typo.patch   | 19 ++++++++++++
 .../files/shadow-4.9-gpasswd-double-free.patch     | 35 ++++++++++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 sys-apps/shadow/files/shadow-4.9-configure-typo.patch
 create mode 100644 sys-apps/shadow/files/shadow-4.9-gpasswd-double-free.patch

(limited to 'sys-apps/shadow/files')

diff --git a/sys-apps/shadow/files/shadow-4.9-configure-typo.patch b/sys-apps/shadow/files/shadow-4.9-configure-typo.patch
new file mode 100644
index 000000000000..1a6db304a013
--- /dev/null
+++ b/sys-apps/shadow/files/shadow-4.9-configure-typo.patch
@@ -0,0 +1,19 @@
+https://github.com/shadow-maint/shadow/commit/049f9a7f6b320c728a6274299041e360381d7cd5
+
+From 049f9a7f6b320c728a6274299041e360381d7cd5 Mon Sep 17 00:00:00 2001
+From: Andy Zaugg <andy.zaugg@gmail.com>
+Date: Tue, 21 Sep 2021 21:51:10 -0700
+Subject: [PATCH] Fix parentheses in configure.ac
+
+Resolving issue https://github.com/shadow-maint/shadow/issues/419
+--- a/configure.ac
++++ b/configure.ac
+@@ -345,7 +345,7 @@ if test "$with_sssd" = "yes"; then
+ 	              [AC_MSG_ERROR([posix_spawn is needed for sssd support])])
+ fi
+ 
+-AS_IF([test "$with_su" != "no"], AC_DEFINE(WITH_SU, 1, [Build with su])])
++AS_IF([test "$with_su" != "no"], AC_DEFINE(WITH_SU, 1, [Build with su]))
+ AM_CONDITIONAL([WITH_SU], [test "x$with_su" != "xno"])
+ 
+ dnl Check for some functions in libc first, only if not found check for
diff --git a/sys-apps/shadow/files/shadow-4.9-gpasswd-double-free.patch b/sys-apps/shadow/files/shadow-4.9-gpasswd-double-free.patch
new file mode 100644
index 000000000000..d7102ce03c32
--- /dev/null
+++ b/sys-apps/shadow/files/shadow-4.9-gpasswd-double-free.patch
@@ -0,0 +1,35 @@
+https://github.com/shadow-maint/shadow/commit/117bc66c6f95fa85ca75ecfdb8fbd3615deca0b6
+
+From 117bc66c6f95fa85ca75ecfdb8fbd3615deca0b6 Mon Sep 17 00:00:00 2001
+From: Michael Vetter <jubalh@iodoru.org>
+Date: Mon, 20 Sep 2021 11:04:50 +0200
+Subject: [PATCH] Only free sgent if it was initialized
+
+`sgent` is only initialized in `get_group()` if `is_shadowgrp` is true.
+So we should also only attempt to free it if this is actually the case.
+
+Can otherwise lead to:
+```
+free() double free detected in tcache 2 (gpasswd)
+```
+--- a/src/gpasswd.c
++++ b/src/gpasswd.c
+@@ -1207,11 +1207,13 @@ int main (int argc, char **argv)
+ 	sssd_flush_cache (SSSD_DB_GROUP);
+ 
+ #ifdef SHADOWGRP
+-	if (sgent.sg_adm) {
+-		xfree(sgent.sg_adm);
+-	}
+-	if (sgent.sg_mem) {
+-		xfree(sgent.sg_mem);
++	if (is_shadowgrp) {
++		if (sgent.sg_adm) {
++			xfree(sgent.sg_adm);
++		}
++		if (sgent.sg_mem) {
++			xfree(sgent.sg_mem);
++		}
+ 	}
+ #endif
+ 	if (grent.gr_mem) {
-- 
cgit v1.2.3