libpam: fix possible heap overflow in _pam_strdup - pam.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Tobias Stoeckmann <tobias@stoeckmann.org>	2023-11-10 20:25:14 +0100
committer	Tobias Stoeckmann <tobias@stoeckmann.org>	2023-11-10 20:25:14 +0100
commit	bfd2a786edc79d7ae4b49ca04e32181c382d5cef (patch)
tree	3b15dac4e7147e626a3b44f201bd46424f714113 /libpam/pam_env.c
parent	d6103b30050554d7b6ca6d55cb5b4ed3c9516663 (diff)
download	pam-bfd2a786edc79d7ae4b49ca04e32181c382d5cef.tar.gz pam-bfd2a786edc79d7ae4b49ca04e32181c382d5cef.tar.bz2 pam-bfd2a786edc79d7ae4b49ca04e32181c382d5cef.zip

libpam: fix possible heap overflow in _pam_strdup

It is possible to trigger an integer overflow in _pam_strdup if the passed string is longer than INT_MAX, which could lead to a smaller memory allocation than needed for the strcpy call. This in turn could lead to a heap overflow. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

Diffstat (limited to 'libpam/pam_env.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: