path: root/libpam_misc/misc_conv.c
author Tobias Stoeckmann <tobias@stoeckmann.org> 2023-12-05 20:22:24 +0100
committer Dmitry V. Levin <ldv@strace.io> 2023-12-05 19:26:24 +0000
commit dd87776d3683b1fe66b55c750af9e7ab2c5461c2 (patch)
tree 554909a942f77e7a78ea02065d567d44dd4749fe /libpam_misc/misc_conv.c
parent 9082c6c2754b72b2146c6e6e3011b4920a491b3f (diff)
download pam-dd87776d3683b1fe66b55c750af9e7ab2c5461c2.tar.gz
pam-dd87776d3683b1fe66b55c750af9e7ab2c5461c2.tar.bz2
pam-dd87776d3683b1fe66b55c750af9e7ab2c5461c2.zip
pam_faildelay: validate parameter ranges

The function sscanf does not verify that a value parsed with %ld is actually within the valid range of a long, allowing silent truncation.

When parsing FAIL_DELAY from login.defs, a mask of 0777 is applied before performing range checks for strtol return value. Since this mask does not make sense here, it is removed.

With these changes, values smaller than 0 or larger than UINT_MAX, which is the actual limit for pam_fail_delay, are discarded and logged.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

Diffstat (limited to 'libpam_misc/misc_conv.c')
0 files changed, 0 insertions, 0 deletions
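
The checks the commit message describes, as an added example; this is not the commit's code, which this page does not show. The names `parse_delay` and `masked_delay`, base-10 parsing and the rejection of trailing characters are assumptions made for illustration.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper, not Linux-PAM API: returns 0 and stores the delay
 * on success, -1 if text is not a whole number in [0, UINT_MAX]. */
int parse_delay(const char *text, unsigned int *out)
{
    char *end;
    long v;

    errno = 0;
    v = strtol(text, &end, 10);
    if (end == text || *end != '\0')  /* no digits, or trailing characters */
        return -1;
    if (errno == ERANGE)              /* value did not fit in a long */
        return -1;
    if (v < 0 || (unsigned long)v > UINT_MAX)
        return -1;                    /* outside the unsigned int range */
    *out = (unsigned int)v;
    return 0;
}

/* Constructed illustration of masking with 0777 before any range check:
 * negative and overflowing inputs collapse into 0..511 and look valid. */
long masked_delay(const char *text)
{
    return strtol(text, NULL, 10) & 0777;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "2000000", "-1", "4294967296",
                              "99999999999999999999", "12abc" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned int d = 0;
        int rc = parse_delay(samples[i], &d);
        printf("%-22s strict=%s value=%u masked=%ld\n", samples[i],
               rc == 0 ? "ok" : "rejected", d, masked_delay(samples[i]));
    }
    return 0;
}
```

A caller would log the rejected string and fall back to its default rather than pass a wrapped value on.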