From 655b5e3cf32cb2bd6606cb8ab696b8f00f87051e Mon Sep 17 00:00:00 2001
From: ikerexxe
Date: Mon, 29 Jun 2020 11:19:29 +0200
Subject: misc_conv: fix potential stack buffer overflow
[ldv: rewrote commit message]
* libpam_misc/misc_conv.c (read_string): Use _pam_overwrite_n instead of _pam_overwrite to clear stack buffer "line" because the latter does not have to be null-terminated.
---
 libpam_misc/misc_conv.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'libpam_misc')
diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c
index cabe2dad..70b96454 100644
--- a/libpam_misc/misc_conv.c
+++ b/libpam_misc/misc_conv.c
@@ -244,7 +244,7 @@ static int read_string(int echo, const char *prompt, char **retstr)
 D(("the timer appears to have expired"));
 *retstr = NULL;
- _pam_overwrite(line);
+ _pam_overwrite_n(line, sizeof(line));
 cleanexit:
-- 
cgit v1.2.3
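Review bot: The wipe on the added line sits just above the `cleanexit:` label, so any path that reaches the label through `goto cleanexit` skips it; whether those paths clear `line` themselves cannot be seen here, because read_string starts and ends outside the hunk. If they do not, placing `_pam_overwrite_n(line, sizeof(line));` directly after `cleanexit:` would cover every exit with one call. `sizeof(line)` gives the buffer size only while `line` is an array in this scope, so a short comment such as `/* line may not be NUL-terminated here, so wipe the whole array */` would record why the sized variant is required. Since `line` is dead after this point, it is also worth confirming that `_pam_overwrite_n` is written so the compiler cannot drop the stores (for example by being built on `explicit_bzero`).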