pam_nologin: prevent short read

If /etc/nologin is larger than INT_MAX, the error messages are
misleading. No unexpected internal read error occurs, but instead
the internal limitations are reached.

Indicate that the file is too large if it is larger than INT_MAX.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

1 files changed, 9 insertions, 1 deletions

diff --git a/modules/pam_nologin/pam_nologin.c b/modules/pam_nologin/pam_nologin.c
index 90ae6d04..50575e1f 100644
--- a/modules/pam_nologin/pam_nologin.c
+++ b/modules/pam_nologin/pam_nologin.c
@@ -6,7 +6,9 @@
 
 #include "config.h"
 
+#include <limits.h>
 #include <stdio.h>
+#include <stdint.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <fcntl.h>
@@ -111,7 +113,13 @@ static int perform_check(pam_handle_t *pamh, struct opt_s *opts)
 	/* Don't print anything if the message is empty, will only
 	   disturb the output with empty lines */
 	if (st.st_size > 0) {
-	    char *mtmp = malloc(st.st_size+1);
+	    char *mtmp;
+	    if ((uintmax_t)st.st_size > (uintmax_t)INT_MAX) {
+	        pam_syslog(pamh, LOG_CRIT, "file too large");
+	        retval = PAM_SYSTEM_ERR;
+	        goto clean_up_fd;
+	    }
+	    mtmp = malloc(st.st_size+1);
 	    if (!mtmp) {
 	        pam_syslog(pamh, LOG_CRIT, "out of memory");
 	        retval = PAM_BUF_ERR;