aboutsummaryrefslogtreecommitdiff
path: root/libpam/pam_misc.c
Commit message (Collapse)AuthorAgeFilesLines
* treewide: fix typos in commentsTobias Stoeckmann2024-01-051-1/+1
| | | | Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: support very long strings in _pam_mkargvTobias Stoeckmann2023-12-311-6/+14
| | | | | | | This support has to be added before arbitrarily long lines are allowed in configuration files. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: reduce memory usage of _pam_mkargvTobias Stoeckmann2023-12-191-35/+22
| | | | | | | | | | The input string "s" is duplicated into "sbuf" and tokens copied from there into target memory "our_argv". Since "our_argv" is allocated to be always large enough to keep the whole string "s" (plus pointers) in it, we can skip "sbuf" entirely. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* treewide: replace malloc followed by strcpy with strdupTobias Stoeckmann2023-12-191-7/+1
| | | | | Suggested-by: Benny Baumann <BenBE@geshi.org> Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: remove function prefixes in debug messagesTobias Stoeckmann2023-12-181-1/+1
| | | | | | | | The D macro itself already adds the function names. It is a follow up to 79f97b5dfddbd54942036851e49c369502689853. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* treewide: store strlen results in size_tTobias Stoeckmann2023-12-141-1/+2
| | | | | | | Very long strings could overflow the int data type. Make sure to use the correct data type. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: simplify _pam_tokenize internalsTobias Stoeckmann2023-12-061-12/+5
| | | | | | | | Since format is a constant, the table can be skipped. Use strspn/strcspn instead which might even be optimized compared to custom for loops. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: remove format argument for _pam_tokenizeTobias Stoeckmann2023-12-061-9/+8
| | | | | | It is always the same format. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: rename _pam_StrTok to _pam_tokenizeTobias Stoeckmann2023-12-061-2/+2
| | | | | | | The _pam_StrTok function resembles strtok_r instead of strtok. For upcoming changes the naming should not relate to strtok anymore. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: fix _pam_mkargv return value on error pathDmitry V. Levin2023-11-141-0/+1
| | | | | * libpam/pam_misc.c (_pam_mkargv): Return 0 in case of memory allocation failure.
* libpam: fix integer overflow when parsing configsTobias Stoeckmann2023-11-121-1/+11
| | | | | | | | | It is possible to trigger a signed integer overflow when parsing jump numbers for pam return types. Fail if the number becomes too large. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: remove function prefixes in debug messagesTobias Stoeckmann2023-11-121-1/+1
| | | | | | The D macro itself already adds the function names. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: fix possible heap overflow in _pam_strdupTobias Stoeckmann2023-11-101-1/+1
| | | | | | | | | | It is possible to trigger an integer overflow in _pam_strdup if the passed string is longer than INT_MAX, which could lead to a smaller memory allocation than needed for the strcpy call. This in turn could lead to a heap overflow. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* libpam: cast to unsigned char for character handling functionChristian Göttsche2023-08-071-5/+5
| | | | | | | | Character handling functions, like isspace(3), expect a value representable as unsigned char or equal to EOF. Otherwise the behavior is undefined. See https://wiki.sei.cmu.edu/confluence/display/c/STR37-C.+Arguments+to+character-handling+functions+must+be+representable+as+an+unsigned+char
* _pam_mkargv: add const qualifier to the first argumentDmitry V. Levin2020-01-201-1/+1
| | | | | | | | | | | | | | | Also fix the following compilation warning: tests/tst-pam_mkargv.c:21:22: warning: initialization discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] char *argvstring = "user = XENDT\\userα user=XENDT\\user1"; ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * libpam/pam_misc.c (_pam_mkargv): Add const qualifier to the first argument. * libpam/pam_private.h (_pam_mkargv): Likewise. * tests/tst-pam_mkargv.c (main): Convert argvstring from a pointer into a static const string, make argvresult array static const.
* Fix whitespace issuesDmitry V. Levin2011-10-261-1/+1
| | | | | | Cleanup trailing whitespaces, indentation that uses spaces before tabs, and blank lines at EOF. Make the project free of warnings reported by git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD
* Relevant BUGIDs: 2892529Thorsten Kukuk2009-12-081-1/+1
| | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2009-12-08 Thorsten Kukuk <kukuk@thkukuk.de> * configure.in: Rename DEBUG to PAM_DEBUG. * libpam/pam_env.c: Likewise * libpam/pam_handlers.c: Likewise * libpam/pam_miscc.c: Likewise * libpam/pam_password.c: Likewise * libpam/include/security/_pam_macros.h: Likewise * libpamc/test/modules/pam_secret.c: Likewise * modules/pam_group/pam_group.c: Likewise * modules/pam_listfile/pam_listfile.c: Likewise * modules/pam_unix/pam_unix_auth.c: Likewise * modules/pam_unix/pam_unix_passwd.c: Likewise
* Relevant BUGIDs:Thorsten Kukuk2009-02-251-3/+4
| | | | | | | | | | | | | | | | | Purpose of commit: bugfix Commit summary: --------------- 2009-02-25 Thorsten Kukuk <kukuk@thkukuk.de> * libpam/pam_misc.c (_pam_StrTok): Use unsigned char instead of int. Reported by Marcus Granado. * tests/Makefile.am (TESTS): Add tst-pam_mkargv. * tests/tst-pam_mkargv.c (main): Test case for _pam_mkargv. * po/de.po: Update fuzzy translations.
* Relevant BUGIDs:Tomas Mraz2007-12-061-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: new feature Commit summary: --------------- 2007-12-06 Eamon Walsh <ewalsh@tycho.nsa.gov> * libpam/include/security/_pam_macros.h: Add _pam_overwrite_n() macro. * libpam/include/security/_pam_types.h: Add PAM_XDISPLAY, PAM_XAUTHDATA items, pam_xauth_data struct. * libpam/pam_item.c (pam_set_item, pam_get_item): Handle PAM_XDISPLAY and PAM_XAUTHDATA items. * libpam/pam_end.c (pam_end): Destroy the new items. * libpam/pam_private.h (pam_handle): Add data members for new items. Add prototype for _pam_memdup. * libpam/pam_misc.c: Add _pam_memdup. * doc/man/Makefile.am: Add pam_xauth_data.3. Replace pam_item_types.inc.xml with pam_item_types_std.inc.xml and pam_item_types_ext.inc.xml. * doc/man/pam_get_item.3.xml: Replace pam_item_types.inc.xml with pam_item_types_std.inc.xml and pam_item_types_ext.inc.xml. * doc/man/pam_set_item.3.xml: Likewise. * doc/man/pam_item_types.inc.xml: Removed file. * doc/man/pam_item_types_ext.inc.xml: New file. * doc/man/pam_item_types_std.inc.xml: New file.
* Relevant BUGIDs:Thorsten Kukuk2006-06-141-7/+5
| | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2006-06-14 Thorsten Kukuk <kukuk@thkukuk.de> * libpam/pam_misc.c (_pam_strdup): Use strlen and strcpy.
* Relevant BUGIDs:Thorsten Kukuk2006-06-141-17/+35
| | | | | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- 2006-06-14 Thorsten Kukuk <kukuk@thkukuk.de> * libpam/pam_handlers.c (extract_modulename): Use _pam_strdup instead of strdup. * libpam/pam_private.h: Remove _pam_strCMP. * libpam/pam_misc.c: Likewise. * libpam/pam_handlers.c: Replaced _pam_strCMP with strcasecmp.
* Relevant BUGIDs: 1490956,1489818,1489808,1489792,1489804,1489658,1489634Thorsten Kukuk2006-05-221-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Purpose of commit: bugfixes Commit summary: --------------- 2006-05-22 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_listfile/pam_listfile.c (pam_sm_authenticate): Fix memory leaks, [#1490956] found by Coverity. * modules/pam_tally/pam_tally.c (pam_get_uid): Check return value of pam_get_user(). (tally_get_data): Check if oldtime is not NULL. [#1489818] found by Coverity. * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Don't ignore return value of stat(). [#1489808] found by Coverity. * modules/pam_mail/pam_mail.c (get_folder): Fix a potential NULL pointer dereference. [#1489792] found by Coverity. * libpam/Makefile.am: bump release number of libpam.so. * libpam/pam_misc.c (_pam_mkargv): Fix memory leak, [#1489804] found by Coverity. * modules/pam_echo/pam_echo.c (replace_and_print): Initialize str, [#1489658] found by Coverity. * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix a potential NULL pointer dereference. (pam_sm_chauthtok): Remove dead code. [#1489634] found by Coverity.
* Relevant BUGIDs: noneThorsten Kukuk2005-09-041-6/+6
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Replace _pam_system_log with pam_syslog.
* Relevant BUGIDs: 770645Steve Langasek2003-07-131-2/+2
| | | | | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Fix the many compile-time warnings caused by features.h being included before our _pam_aconf.h. This should make it much easier to find other bugs. Also, call config.status instead of configure, to allow rebuilding generated files with the same options.
* Relevant BUGIDs: 517064Andrew G. Morgan2002-05-261-2/+14
| | | | | | | | | | | | | | | | | | | | Purpose of commit: feature Commit summary: --------------- document old feature and add '\]' parsing to make it a better feature. The feature is that we can accept spaces in module arguments by enclosing the whole argument inside square brackets. For example a module argument like this: "[hello [you\], this is me]" will be parsed as "hello [you], this is me" Not very interesting, but you get the idea. Thanks to Russell Kliese for requesting this.
* Relevant BUGIDs: 129027, 128576Andrew G. Morgan2001-01-221-2/+6
| | | | | | | | | | Purpose of commit: new feature + documentation Commit summary: --------------- Cleaned up the handling of AUTHTOK items and pam_[gs]et_data() functions. Added more clear documentation about the pam_[gs]et_item() functions to the pam_appl and pam_modules programmer guides.
* Initial revisionAndrew G. Morgan2000-06-201-0/+305
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-08 13:42:46 +0000