poky/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch

From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Fri, 31 Mar 2023 14:46:50 +0200
Subject: [PATCH] Overhaul valid_field()

e5905c4b ("Added control character check") introduced checking for
control characters but had the logic inverted, so it rejects all
characters that are not control ones.

Cast the character to `unsigned char` before passing to the character
checking functions to avoid UB.

Use strpbrk(3) for the illegal character test and return early.

Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4]

Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
---
 lib/fields.c | 24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/lib/fields.c b/lib/fields.c
index fb51b582..53929248 100644
--- a/lib/fields.c
+++ b/lib/fields.c
@@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal)
 
 	/* For each character of field, search if it appears in the list
 	 * of illegal characters. */
+	if (illegal && NULL != strpbrk (field, illegal)) {
+		return -1;
+	}
+
+	/* Search if there are non-printable or control characters */
 	for (cp = field; '\0' != *cp; cp++) {
-		if (strchr (illegal, *cp) != NULL) {
+		unsigned char c = *cp;
+		if (!isprint (c)) {
+			err = 1;
+		}
+		if (iscntrl (c)) {
 			err = -1;
 			break;
 		}
 	}
 
-	if (0 == err) {
-		/* Search if there are non-printable or control characters */
-		for (cp = field; '\0' != *cp; cp++) {
-			if (!isprint (*cp)) {
-				err = 1;
-			}
-			if (!iscntrl (*cp)) {
-				err = -1;
-				break;
-			}
-		}
-	}
-
 	return err;
 }
 
-- 
2.34.1