pam_env: fix debug and error messages

The tmpptr variable is only used for resolved variables. If the
creation of expanded string overflows at other places, log the actually
overflowing character instead of a "random" string in tmpptr.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

1 files changed, 5 insertions, 5 deletions

diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c
index 3c4569db..12c7ddd7 100644
--- a/modules/pam_env/pam_env.c
+++ b/modules/pam_env/pam_env.c
@@ -609,9 +609,9 @@ _expand_arg(pam_handle_t *pamh, char **value)
 	tmp[idx++] = *orig++;        /* Note the increment */
       } else {
 	/* is it really a good idea to try to log this? */
-	D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
-	pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>",
-		 tmp, tmpptr);
+	D(("Variable buffer overflow: <%s> + <%c>", tmp, *orig));
+	pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%c>",
+		 tmp, *orig);
 	goto buf_err;
       }
       continue;
@@ -684,9 +684,9 @@ _expand_arg(pam_handle_t *pamh, char **value)
 	tmp[idx++] = *orig++;        /* Note the increment */
       } else {
 	/* is it really a good idea to try to log this? */
-	D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr));
+	D(("Variable buffer overflow: <%s> + <%c>", tmp, *orig));
 	pam_syslog(pamh, LOG_ERR,
-		   "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr);
+		   "Variable buffer overflow: <%s> + <%c>", tmp, *orig);
 	goto buf_err;
       }
     }