diff options
| author | Tobias Stoeckmann <tobias@stoeckmann.org> | 2023-12-14 19:50:12 +0100 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@strace.io> | 2023-12-14 20:04:32 +0000 |
| commit | 9f733e5f3b8ae092e405d8bffa523a22155a7f6a (patch) | |
| tree | 286eddb01419ff259636382239d69ff5e4a4c0e8 | |
| parent | 954234f0a477636eab751a6601d34bab1db41b0e (diff) | |
| download | pam-9f733e5f3b8ae092e405d8bffa523a22155a7f6a.tar.gz pam-9f733e5f3b8ae092e405d8bffa523a22155a7f6a.tar.bz2 pam-9f733e5f3b8ae092e405d8bffa523a22155a7f6a.zip | |
treewide: store strlen results in size_t
Very long strings could overflow the int data type. Make sure to use
the correct data type.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
| -rw-r--r-- | libpam/pam_misc.c | 3 | ||||
| -rw-r--r-- | libpamc/pamc_load.c | 2 | ||||
| -rw-r--r-- | modules/pam_access/pam_access.c | 12 | ||||
| -rw-r--r-- | modules/pam_debug/pam_debug.c | 2 | ||||
| -rw-r--r-- | modules/pam_namespace/pam_namespace.c | 8 | ||||
| -rw-r--r-- | modules/pam_unix/support.c | 2 |
6 files changed, 15 insertions, 14 deletions
diff --git a/libpam/pam_misc.c b/libpam/pam_misc.c index f0b35c28..f4e81a55 100644 --- a/libpam/pam_misc.c +++ b/libpam/pam_misc.c @@ -264,7 +264,8 @@ void _pam_parse_control(int *control_array, char *tok) int ret; while (*tok) { - int act, len; + size_t len; + int act; /* skip leading space */ while (isspace((unsigned char)*tok) && *++tok); diff --git a/libpamc/pamc_load.c b/libpamc/pamc_load.c index f7365990..c1a39f5b 100644 --- a/libpamc/pamc_load.c +++ b/libpamc/pamc_load.c @@ -245,7 +245,7 @@ int pamc_disable(pamc_handle_t pch, const char *agent_id) int pamc_load(pamc_handle_t pch, const char *agent_id) { pamc_agent_t *agent; - int length; + size_t length; /* santity checking */ diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index 04d7306b..a8efdf30 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -427,8 +427,8 @@ login_access (pam_handle_t *pamh, struct login_info *item) #ifdef HAVE_LIBAUDIT int nonall_match = NO; #endif - int end; - int lineno = 0; /* for diagnostics */ + size_t end; + size_t lineno = 0; /* for diagnostics */ char *sptr; if (item->debug) @@ -450,7 +450,7 @@ login_access (pam_handle_t *pamh, struct login_info *item) lineno++; if (line[end = strlen(line) - 1] != '\n') { pam_syslog(pamh, LOG_ERR, - "%s: line %d: missing newline or line too long", + "%s: line %zu: missing newline or line too long", item->config_file, lineno); continue; } @@ -466,18 +466,18 @@ login_access (pam_handle_t *pamh, struct login_info *item) if (!(perm = strtok_r(line, item->fs, &sptr)) || !(users = strtok_r(NULL, item->fs, &sptr)) || !(froms = strtok_r(NULL, "\n", &sptr))) { - pam_syslog(pamh, LOG_ERR, "%s: line %d: bad field count", + pam_syslog(pamh, LOG_ERR, "%s: line %zu: bad field count", item->config_file, lineno); continue; } if (perm[0] != '+' && perm[0] != '-') { - pam_syslog(pamh, LOG_ERR, "%s: line %d: bad first field", + pam_syslog(pamh, LOG_ERR, "%s: line %zu: bad first field", item->config_file, lineno); continue; } if (item->debug) pam_syslog (pamh, LOG_DEBUG, - "line %d: %s : %s : %s", lineno, perm, users, froms); + "line %zu: %s : %s : %s", lineno, perm, users, froms); match = list_match(pamh, users, NULL, item, user_match); if (item->debug) pam_syslog (pamh, LOG_DEBUG, "user_match=%d, \"%s\"", diff --git a/modules/pam_debug/pam_debug.c b/modules/pam_debug/pam_debug.c index 414806b2..37bf8b95 100644 --- a/modules/pam_debug/pam_debug.c +++ b/modules/pam_debug/pam_debug.c @@ -40,7 +40,7 @@ static int parse_args(int retval, const char *event, int i; for (i=0; i<argc; ++i) { - int length = strlen(event); + size_t length = strlen(event); if (!strncmp(event, argv[i], length) && (argv[i][length] == '=')) { int j; const char *return_string = argv[i] + (length+1); diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c index 4d24d356..36c8261b 100644 --- a/modules/pam_namespace/pam_namespace.c +++ b/modules/pam_namespace/pam_namespace.c @@ -207,7 +207,7 @@ static char *expand_variables(const char *orig, const char *var_names[], const c if (*src == '$') { int i; for (i = 0; var_names[i]; i++) { - int namelen = strlen(var_names[i]); + size_t namelen = strlen(var_names[i]); if (strncmp(var_names[i], src+1, namelen) == 0) { dstlen += strlen(var_values[i]) - 1; /* $ */ src += namelen; @@ -225,7 +225,7 @@ static char *expand_variables(const char *orig, const char *var_names[], const c if (c == '$') { int i; for (i = 0; var_names[i]; i++) { - int namelen = strlen(var_names[i]); + size_t namelen = strlen(var_names[i]); if (strncmp(var_names[i], src+1, namelen) == 0) { dst = stpcpy(dst, var_values[i]); --dst; @@ -419,7 +419,7 @@ static int parse_method(char *method, struct polydir_s *poly, while ((flag=strtok_r(NULL, ":", &sptr)) != NULL) { for (i = 0; flag_names[i]; i++) { - int namelen = strlen(flag_names[i]); + size_t namelen = strlen(flag_names[i]); if (strncmp(flag, flag_names[i], namelen) == 0) { poly->flags |= flag_values[i]; @@ -480,7 +480,7 @@ static int process_line(char *line, const char *home, const char *rhome, static const char *var_names[] = {"HOME", "USER", NULL}; const char *var_values[] = {home, idata->user}; const char *rvar_values[] = {rhome, idata->ruser}; - int len; + size_t len; /* * skip the leading white space diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 9cc39ad7..eb2fff50 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -582,7 +582,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd, /* if the stored password is NULL */ int rc=0; if (passwd != NULL) { /* send the password to the child */ - int len = strlen(passwd); + size_t len = strlen(passwd); if (len > PAM_MAX_RESP_SIZE) len = PAM_MAX_RESP_SIZE; |