From 8d95558f5286c4f58083078a1b85d60750d34b47 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 27 Dec 2023 22:00:00 +0000 Subject: pam_timestamp_check: check format_timestamp_name return value * modules/pam_timestamp/pam_timestamp.c [PAM_TIMESTAMP_MAIN] (main): Bail out if format_timestamp_name returns an error. --- modules/pam_timestamp/pam_timestamp.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'modules/pam_timestamp') diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 1d624b40..bf35db15 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -845,8 +845,11 @@ main(int argc, char **argv) } /* Generate the name of the timestamp file. */ - format_timestamp_name(path, sizeof(path), TIMESTAMPDIR, - tty, user, target_user); + if (format_timestamp_name(path, sizeof(path), TIMESTAMPDIR, + tty, user, target_user) >= (int) sizeof(path)) { + fprintf(stderr, "path too long\n"); + return 4; + } do { retval = 0; -- cgit v1.2.3