76 lines
2.5 KiB
Diff
76 lines
2.5 KiB
Diff
|
From 91d4678388b2a7d768ee2ec8cc569e11fc223ffd Mon Sep 17 00:00:00 2001
|
||
|
From: Rosen Penev <rosenp@gmail.com>
|
||
|
Date: Sun, 15 Jul 2018 20:43:44 -0700
|
||
|
Subject: [PATCH] Replace strndupa with strncpy
|
||
|
|
||
|
glibc only. A static string is better.
|
||
|
|
||
|
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
||
|
[Retrieved from:
|
||
|
https://github.com/linux-pam/linux-pam/commit/91d4678388b2a7d768ee2ec8cc569e11fc223ffd]
|
||
|
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
||
|
---
|
||
|
modules/pam_exec/pam_exec.c | 31 +++++++++++--------------------
|
||
|
1 file changed, 11 insertions(+), 20 deletions(-)
|
||
|
|
||
|
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
|
||
|
index 52dc6818..6cad16e4 100644
|
||
|
--- a/modules/pam_exec/pam_exec.c
|
||
|
+++ b/modules/pam_exec/pam_exec.c
|
||
|
@@ -102,7 +102,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
|
||
|
int use_stdout = 0;
|
||
|
int optargc;
|
||
|
const char *logfile = NULL;
|
||
|
- const char *authtok = NULL;
|
||
|
+ char authtok[PAM_MAX_RESP_SIZE] = {};
|
||
|
pid_t pid;
|
||
|
int fds[2];
|
||
|
int stdout_fds[2];
|
||
|
@@ -180,12 +180,12 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
|
||
|
if (resp)
|
||
|
{
|
||
|
pam_set_item (pamh, PAM_AUTHTOK, resp);
|
||
|
- authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
|
||
|
+ strncpy (authtok, resp, sizeof(authtok) - 1);
|
||
|
_pam_drop (resp);
|
||
|
}
|
||
|
}
|
||
|
else
|
||
|
- authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
|
||
|
+ strncpy (authtok, void_pass, sizeof(authtok) - 1);
|
||
|
|
||
|
if (pipe(fds) != 0)
|
||
|
{
|
||
|
@@ -225,23 +225,14 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
|
||
|
|
||
|
if (expose_authtok) /* send the password to the child */
|
||
|
{
|
||
|
- if (authtok != NULL)
|
||
|
- { /* send the password to the child */
|
||
|
- if (debug)
|
||
|
- pam_syslog (pamh, LOG_DEBUG, "send password to child");
|
||
|
- if (write(fds[1], authtok, strlen(authtok)+1) == -1)
|
||
|
- pam_syslog (pamh, LOG_ERR,
|
||
|
- "sending password to child failed: %m");
|
||
|
- authtok = NULL;
|
||
|
- }
|
||
|
- else
|
||
|
- {
|
||
|
- if (write(fds[1], "", 1) == -1) /* blank password */
|
||
|
- pam_syslog (pamh, LOG_ERR,
|
||
|
- "sending password to child failed: %m");
|
||
|
- }
|
||
|
- close(fds[0]); /* close here to avoid possible SIGPIPE above */
|
||
|
- close(fds[1]);
|
||
|
+ if (debug)
|
||
|
+ pam_syslog (pamh, LOG_DEBUG, "send password to child");
|
||
|
+ if (write(fds[1], authtok, strlen(authtok)) == -1)
|
||
|
+ pam_syslog (pamh, LOG_ERR,
|
||
|
+ "sending password to child failed: %m");
|
||
|
+
|
||
|
+ close(fds[0]); /* close here to avoid possible SIGPIPE above */
|
||
|
+ close(fds[1]);
|
||
|
}
|
||
|
|
||
|
if (use_stdout)
|