diff options
| author | Tobias Stoeckmann <tobias@stoeckmann.org> | 2023-11-11 01:09:40 +0100 |
|---|---|---|
| committer | Dmitry V. Levin <github.dl@altlinux.org> | 2023-11-12 17:00:59 +0000 |
| commit | 92d86f25b838c322c002fd812ead8f27b60817ad (patch) | |
| tree | a59cd15a5c171f66b7ebe4532ae6db05f75a11b1 /libpam/pam_handlers.c | |
| parent | 67e8f426ec7123eb50f3f8f907811a6f0d4e161a (diff) | |
| download | pam-92d86f25b838c322c002fd812ead8f27b60817ad.tar.gz pam-92d86f25b838c322c002fd812ead8f27b60817ad.tar.bz2 pam-92d86f25b838c322c002fd812ead8f27b60817ad.zip | |
libpam: stop processing excessively long lines
If a configuration file contains lines which are longer than 1024
characters, _pam_assemble_line splits them into multiple ones.
This may lead to comments being interpreted as actual configuration
lines.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Diffstat (limited to 'libpam/pam_handlers.c')
| -rw-r--r-- | libpam/pam_handlers.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c index d8393044..fc217ef8 100644 --- a/libpam/pam_handlers.c +++ b/libpam/pam_handlers.c @@ -590,6 +590,12 @@ static int _pam_assemble_line(FILE *f, char *buffer, int buf_len) } } + if (strchr(p, '\n') == NULL && !feof(f)) { + /* Incomplete */ + D(("_pam_assemble_line: incomplete")); + return -1; + } + /* skip leading spaces --- line may be blank */ s = p + strspn(p, " \n\t"); |