Changeset 943 in openpam


Ignore:
Timestamp:
Feb 20, 2019, 1:23:51 PM (5 months ago)
Author:
Dag-Erling Smørgrav
Message:

Fix an off-by-one bug in pam_getenv() which was inadvertantly
introduced when pam_getenv() was (needlessly) rewritten as part of
r913. Rewrite pam_getenv() again (but correctly, this time) to reduce
the number of times we iterate over the same string. Add a few unit
tests for pam_{get,put,set}env(), including one which would have
caught the bug.

Credit goes to Tim Creech <tcreech@…> for discovering and
reporting the bug.

Location:
trunk
Files:
3 added
4 edited

Legend:

Unmodified
Added
Removed

  • trunk/CREDITS

    r902 r943  
    5050        Solar Designer <solar@openwall.com>
    5151        Takanori Saneto <sanewo@ba2.so-net.ne.jp>
     52        Tim Creech <tcreech@tcreech.com>
    5253        Wojciech A. Koszek <wkoszek@freebsd.org>
    5354        Yar Tikhiy <yar@freebsd.org>

  • trunk/lib/libpam/pam_getenv.c

    r938 r943  
    5959        const char *name)
    6060{
    61         char *str;
     61        size_t len;
    6262        int i;
    6363
    6464        ENTERS(name);
    65         if (strchr(name, '=') != NULL) {
    66                 errno = EINVAL;
     65        for (len = 0; name[len] != '\0'; ++len) {
     66                if (name[len] == '=') {
     67                        errno = EINVAL;
     68                        RETURNS(NULL);
     69                }
     70        }
     71        if ((i = openpam_findenv(pamh, name, len)) < 0)
    6772                RETURNS(NULL);
    68         }
    69         if ((i = openpam_findenv(pamh, name, strlen(name))) < 0)
    70                 RETURNS(NULL);
    71         if ((str = strchr(pamh->env[i], '=')) == NULL)
    72                 RETURNS("");
    73         RETURNS(str);
     73        /* assert(pamh->env[i][len] == '='); */
     74        RETURNS(pamh->env[i] + len + 1);
    7475}
    7576

  • trunk/t

    • Property svn:ignore

      •  

        old new  
        77t_openpam_readlinev
        88t_openpam_readword
         9t_pam_env
        910*.log
        1011*.trs

  • trunk/t/Makefile.am

    r940 r943  
    99        PAM_RETURN_SO=$(abs_top_builddir)/modules/pam_return/.libs/pam_return.so
    1010
    11 noinst_HEADERS = t_pam_conv.h
    12 
    1311# tests
    1412TESTS =
     
    1715TESTS += t_openpam_readword
    1816TESTS += t_openpam_readlinev
     17TESTS += t_pam_env
    1918check_PROGRAMS = $(TESTS)
    2019
    2120# libt - common support code
    2221check_LIBRARIES = libt.a
    23 libt_a_SOURCES = t_pam_conv.c
     22libt_a_SOURCES = t_pam_conv.c t_pam_err.c
     23noinst_HEADERS = t_pam_conv.h t_pam_err.h
    2424
    2525# link with libpam and test framework
Note: See TracChangeset for help on using the changeset viewer.