aboutsummaryrefslogtreecommitdiff
path: root/modules/pam_echo/pam_echo.c
diff options
context:
space:
mode:
authorSam Hartman <hartmans@debian.org>2024-12-02 09:55:34 -0700
committerSam Hartman <hartmans@debian.org>2024-12-02 09:55:34 -0700
commit7c9fb6472dcfae34ddbf4fbc9ecfafae2cf173c3 (patch)
treeb04aa8c3b2354427cbba730ccc832249f7244985 /modules/pam_echo/pam_echo.c
parente9aa2ef52a423a3a33299bf7e8715eb5bd76ea67 (diff)
parentea980d991196df67cdd56b3f65d210b73218d08a (diff)
downloadpam-7c9fb6472dcfae34ddbf4fbc9ecfafae2cf173c3.tar.gz
pam-7c9fb6472dcfae34ddbf4fbc9ecfafae2cf173c3.tar.bz2
pam-7c9fb6472dcfae34ddbf4fbc9ecfafae2cf173c3.zip
New upstream version 1.7.0
Diffstat (limited to 'modules/pam_echo/pam_echo.c')
-rw-r--r--modules/pam_echo/pam_echo.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c
index 181aeb4c..5a882028 100644
--- a/modules/pam_echo/pam_echo.c
+++ b/modules/pam_echo/pam_echo.c
@@ -33,14 +33,13 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#if defined(HAVE_CONFIG_H)
#include "config.h"
-#endif
#include <errno.h>
#include <stdio.h>
#include <fcntl.h>
#include <string.h>
+#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>
#include <limits.h>
@@ -182,6 +181,12 @@ pam_echo (pam_handle_t *pamh, int flags, int argc, const char **argv)
return PAM_IGNORE;
}
+ if ((uintmax_t) st.st_size > (uintmax_t) INT_MAX)
+ {
+ close (fd);
+ return PAM_BUF_ERR;
+ }
+
mtmp = malloc (st.st_size + 1);
if (!mtmp)
{
@@ -189,7 +194,7 @@ pam_echo (pam_handle_t *pamh, int flags, int argc, const char **argv)
return PAM_BUF_ERR;
}
- if (pam_modutil_read (fd, mtmp, st.st_size) == -1)
+ if (pam_modutil_read (fd, mtmp, st.st_size) != st.st_size)
{
pam_syslog (pamh, LOG_ERR, "Error while reading %s: %m", file);
free (mtmp);
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-05 02:48:26 +0000