pam_access: fix nul byte handling in config

Even though NUL bytes are not supposed to show up in a configuration file, treat them properly and avoid out of boundary accesses. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
author: Tobias Stoeckmann <tobias@stoeckmann.org> 2023-12-18 09:47:17 +0100
committer: Dmitry V. Levin <ldv@strace.io> 2023-12-18 09:10:08 +0000
commit: d91f60b2125485f515c3d59d6ab2e55daf84e19e (patch)
tree: 8270b7ca8901b3efedf7e3bc4ef4cc9d79f136ea /modules/pam_access
parent: 0fb2978d0e139dc57878d5c82d6eae79273e2031 (diff)
download: pam-d91f60b2125485f515c3d59d6ab2e55daf84e19e.tar.gz
pam-d91f60b2125485f515c3d59d6ab2e55daf84e19e.tar.bz2
pam-d91f60b2125485f515c3d59d6ab2e55daf84e19e.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c
index 85775114..e3ec441d 100644
--- a/modules/pam_access/pam_access.c
+++ b/modules/pam_access/pam_access.c
@@ -448,6 +448,8 @@ login_access (pam_handle_t *pamh, struct login_info *item)
     if ((fp = fopen(item->config_file, "r"))!=NULL) {
 	while (!match && fgets(line, sizeof(line), fp)) {
 	    lineno++;
+	    if (line[0] == 0)
+		continue;
 	    if (line[end = strlen(line) - 1] != '\n') {
 		pam_syslog(pamh, LOG_ERR,
                            "%s: line %zu: missing newline or line too long",
author	Tobias Stoeckmann <tobias@stoeckmann.org>	2023-12-18 09:47:17 +0100
committer	Dmitry V. Levin <ldv@strace.io>	2023-12-18 09:10:08 +0000
commit	d91f60b2125485f515c3d59d6ab2e55daf84e19e (patch)
tree	8270b7ca8901b3efedf7e3bc4ef4cc9d79f136ea /modules/pam_access
parent	0fb2978d0e139dc57878d5c82d6eae79273e2031 (diff)
download	pam-d91f60b2125485f515c3d59d6ab2e55daf84e19e.tar.gz pam-d91f60b2125485f515c3d59d6ab2e55daf84e19e.tar.bz2 pam-d91f60b2125485f515c3d59d6ab2e55daf84e19e.zip