You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

74 lines
2.3 KiB

  1. From 9f23ba5a40b42acf4463b593bffd73caee8b527c Mon Sep 17 00:00:00 2001
  2. From: Rosen Penev <rosenp@gmail.com>
  3. Date: Sun, 15 Jul 2018 20:43:44 -0700
  4. Subject: [PATCH] Replace strndupa with strcpy
  5. glibc only. A static string is better.
  6. Signed-off-by: Rosen Penev <rosenp@gmail.com>
  7. ---
  8. modules/pam_exec/pam_exec.c | 31 +++++++++++--------------------
  9. 1 file changed, 11 insertions(+), 20 deletions(-)
  10. diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
  11. index 0ab6548..2fbab4f 100644
  12. --- a/modules/pam_exec/pam_exec.c
  13. +++ b/modules/pam_exec/pam_exec.c
  14. @@ -102,7 +102,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
  15. int use_stdout = 0;
  16. int optargc;
  17. const char *logfile = NULL;
  18. - const char *authtok = NULL;
  19. + char authtok[PAM_MAX_RESP_SIZE];
  20. pid_t pid;
  21. int fds[2];
  22. int stdout_fds[2];
  23. @@ -178,11 +178,11 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
  24. }
  25. pam_set_item (pamh, PAM_AUTHTOK, resp);
  26. - authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
  27. + strcpy (authtok, resp);
  28. _pam_drop (resp);
  29. }
  30. else
  31. - authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
  32. + strcpy (authtok, void_pass);
  33. if (pipe(fds) != 0)
  34. {
  35. @@ -222,23 +222,14 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
  36. if (expose_authtok) /* send the password to the child */
  37. {
  38. - if (authtok != NULL)
  39. - { /* send the password to the child */
  40. - if (debug)
  41. - pam_syslog (pamh, LOG_DEBUG, "send password to child");
  42. - if (write(fds[1], authtok, strlen(authtok)+1) == -1)
  43. - pam_syslog (pamh, LOG_ERR,
  44. - "sending password to child failed: %m");
  45. - authtok = NULL;
  46. - }
  47. - else
  48. - {
  49. - if (write(fds[1], "", 1) == -1) /* blank password */
  50. - pam_syslog (pamh, LOG_ERR,
  51. - "sending password to child failed: %m");
  52. - }
  53. - close(fds[0]); /* close here to avoid possible SIGPIPE above */
  54. - close(fds[1]);
  55. + if (debug)
  56. + pam_syslog (pamh, LOG_DEBUG, "send password to child");
  57. + if (write(fds[1], authtok, strlen(authtok)) == -1)
  58. + pam_syslog (pamh, LOG_ERR,
  59. + "sending password to child failed: %m");
  60. +
  61. + close(fds[0]); /* close here to avoid possible SIGPIPE above */
  62. + close(fds[1]);
  63. }
  64. if (use_stdout)
  65. --
  66. 2.19.1