diff options
| author | Rosen Penev <rosenp@gmail.com> | 2018-07-15 20:43:44 -0700 |
|---|---|---|
| committer | Tomáš Mráz <t8m@users.noreply.github.com> | 2019-01-04 12:21:34 +0100 |
| commit | 91d4678388b2a7d768ee2ec8cc569e11fc223ffd (patch) | |
| tree | 84bda3a9bbf8ce36fb1472b80ac3bc34fd0c3377 /modules/pam_exec/pam_exec.c | |
| parent | 73bf6d25ddb7a2cb73bceda3d880174b1d1e4a26 (diff) | |
| download | pam-91d4678388b2a7d768ee2ec8cc569e11fc223ffd.tar.gz pam-91d4678388b2a7d768ee2ec8cc569e11fc223ffd.tar.bz2 pam-91d4678388b2a7d768ee2ec8cc569e11fc223ffd.zip | |
Replace strndupa with strncpy
glibc only. A static string is better.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Diffstat (limited to 'modules/pam_exec/pam_exec.c')
| -rw-r--r-- | modules/pam_exec/pam_exec.c | 31 |
1 files changed, 11 insertions, 20 deletions
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c index 52dc6818..6cad16e4 100644 --- a/modules/pam_exec/pam_exec.c +++ b/modules/pam_exec/pam_exec.c @@ -102,7 +102,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, int use_stdout = 0; int optargc; const char *logfile = NULL; - const char *authtok = NULL; + char authtok[PAM_MAX_RESP_SIZE] = {}; pid_t pid; int fds[2]; int stdout_fds[2]; @@ -180,12 +180,12 @@ call_exec (const char *pam_type, pam_handle_t *pamh, if (resp) { pam_set_item (pamh, PAM_AUTHTOK, resp); - authtok = strndupa (resp, PAM_MAX_RESP_SIZE); + strncpy (authtok, resp, sizeof(authtok) - 1); _pam_drop (resp); } } else - authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE); + strncpy (authtok, void_pass, sizeof(authtok) - 1); if (pipe(fds) != 0) { @@ -225,23 +225,14 @@ call_exec (const char *pam_type, pam_handle_t *pamh, if (expose_authtok) /* send the password to the child */ { - if (authtok != NULL) - { /* send the password to the child */ - if (debug) - pam_syslog (pamh, LOG_DEBUG, "send password to child"); - if (write(fds[1], authtok, strlen(authtok)+1) == -1) - pam_syslog (pamh, LOG_ERR, - "sending password to child failed: %m"); - authtok = NULL; - } - else - { - if (write(fds[1], "", 1) == -1) /* blank password */ - pam_syslog (pamh, LOG_ERR, - "sending password to child failed: %m"); - } - close(fds[0]); /* close here to avoid possible SIGPIPE above */ - close(fds[1]); + if (debug) + pam_syslog (pamh, LOG_DEBUG, "send password to child"); + if (write(fds[1], authtok, strlen(authtok)) == -1) + pam_syslog (pamh, LOG_ERR, + "sending password to child failed: %m"); + + close(fds[0]); /* close here to avoid possible SIGPIPE above */ + close(fds[1]); } if (use_stdout) |