Update upstream source from tag 'upstream/1.7.0'

Update to upstream version '1.7.0'
with Debian dir 0b3cd490884352e14273caeca2f05c6a525499fa

1 files changed, 8 insertions, 3 deletions

diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c
index 181aeb4c..5a882028 100644
--- a/modules/pam_echo/pam_echo.c
+++ b/modules/pam_echo/pam_echo.c
@@ -33,14 +33,13 @@
  * OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-#if defined(HAVE_CONFIG_H)
 #include "config.h"
-#endif
 
 #include <errno.h>
 #include <stdio.h>
 #include <fcntl.h>
 #include <string.h>
+#include <stdint.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <limits.h>
@@ -182,6 +181,12 @@ pam_echo (pam_handle_t *pamh, int flags, int argc, const char **argv)
 	  return PAM_IGNORE;
 	}
 
+      if ((uintmax_t) st.st_size > (uintmax_t) INT_MAX)
+	{
+	  close (fd);
+	  return PAM_BUF_ERR;
+	}
+
       mtmp = malloc (st.st_size + 1);
       if (!mtmp)
 	{
@@ -189,7 +194,7 @@ pam_echo (pam_handle_t *pamh, int flags, int argc, const char **argv)
 	  return PAM_BUF_ERR;
 	}
 
-      if (pam_modutil_read (fd, mtmp, st.st_size) == -1)
+      if (pam_modutil_read (fd, mtmp, st.st_size) != st.st_size)
 	{
 	  pam_syslog (pamh, LOG_ERR, "Error while reading %s: %m", file);
 	  free (mtmp);