kumquat-buildroot/package/linux-pam/0003-Replace-strndupa-with-strncpy.patch

76 lines
2.5 KiB
Diff
Raw Normal View History

From 91d4678388b2a7d768ee2ec8cc569e11fc223ffd Mon Sep 17 00:00:00 2001
From: Rosen Penev <rosenp@gmail.com>
Date: Sun, 15 Jul 2018 20:43:44 -0700
Subject: [PATCH] Replace strndupa with strncpy
glibc only. A static string is better.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[Retrieved from:
https://github.com/linux-pam/linux-pam/commit/91d4678388b2a7d768ee2ec8cc569e11fc223ffd]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
modules/pam_exec/pam_exec.c | 31 +++++++++++--------------------
1 file changed, 11 insertions(+), 20 deletions(-)
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
index 52dc6818..6cad16e4 100644
--- a/modules/pam_exec/pam_exec.c
+++ b/modules/pam_exec/pam_exec.c
@@ -102,7 +102,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
int use_stdout = 0;
int optargc;
const char *logfile = NULL;
- const char *authtok = NULL;
+ char authtok[PAM_MAX_RESP_SIZE] = {};
pid_t pid;
int fds[2];
int stdout_fds[2];
@@ -180,12 +180,12 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
if (resp)
{
pam_set_item (pamh, PAM_AUTHTOK, resp);
- authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
+ strncpy (authtok, resp, sizeof(authtok) - 1);
_pam_drop (resp);
}
}
else
- authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
+ strncpy (authtok, void_pass, sizeof(authtok) - 1);
if (pipe(fds) != 0)
{
@@ -225,23 +225,14 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
if (expose_authtok) /* send the password to the child */
{
- if (authtok != NULL)
- { /* send the password to the child */
- if (debug)
- pam_syslog (pamh, LOG_DEBUG, "send password to child");
- if (write(fds[1], authtok, strlen(authtok)+1) == -1)
- pam_syslog (pamh, LOG_ERR,
- "sending password to child failed: %m");
- authtok = NULL;
- }
- else
- {
- if (write(fds[1], "", 1) == -1) /* blank password */
- pam_syslog (pamh, LOG_ERR,
- "sending password to child failed: %m");
- }
- close(fds[0]); /* close here to avoid possible SIGPIPE above */
- close(fds[1]);
+ if (debug)
+ pam_syslog (pamh, LOG_DEBUG, "send password to child");
+ if (write(fds[1], authtok, strlen(authtok)) == -1)
+ pam_syslog (pamh, LOG_ERR,
+ "sending password to child failed: %m");
+
+ close(fds[0]); /* close here to avoid possible SIGPIPE above */
+ close(fds[1]);
}
if (use_stdout)