diff options
| author | Steve Langasek <vorlon@debian.org> | 2003-07-13 06:16:13 +0000 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2003-07-13 06:16:13 +0000 |
| commit | f0bc1227ecb8b29522bc09f09573ccd851b64cec (patch) | |
| tree | 60eea663210f51b51db67451a2fb7f8786a63ffc | |
| parent | 1095d016c3e1d838e8b3b81425d34cf3027b87be (diff) | |
| download | pam-f0bc1227ecb8b29522bc09f09573ccd851b64cec.tar.gz pam-f0bc1227ecb8b29522bc09f09573ccd851b64cec.tar.bz2 pam-f0bc1227ecb8b29522bc09f09573ccd851b64cec.zip | |
Relevant BUGIDs: patch 476968
Purpose of commit: bugfix
Commit summary:
---------------
Patch from Nalin Dahyabhai to prevent a buffer overflow in pam_issue
(rare, but could be triggered by a race condition when the admin updates
/etc/issue).
| -rw-r--r-- | modules/pam_issue/pam_issue.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c index 1f4853de..67f40c85 100644 --- a/modules/pam_issue/pam_issue.c +++ b/modules/pam_issue/pam_issue.c @@ -111,7 +111,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, return PAM_IGNORE; } memset (prompt_tmp, '\0', st.st_size + 1); - count = fread(prompt_tmp, sizeof(char *), st.st_size, fd); + count = fread(prompt_tmp, 1, st.st_size, fd); if (count != st.st_size) { free(prompt_tmp); return PAM_IGNORE; |