From e648517eef968b1630f0e3cc0dd90a926868b28f Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Sun, 10 Dec 2006 10:37:26 +0000
Subject: Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------

2006-12-09  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_umask/pam_umask.c: Use strtoul instead of strtol,
        fix overflow detection.
---
 modules/pam_umask/pam_umask.c | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

(limited to 'modules/pam_umask')

diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c
index c5fa773b..fdeb3c51 100644
--- a/modules/pam_umask/pam_umask.c
+++ b/modules/pam_umask/pam_umask.c
@@ -15,8 +15,8 @@
  *    written permission.
  *
  * ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions.  (This clause is
+ * the GNU Public License V2, in which case the provisions of the GPL
+ * are required INSTEAD OF the above restrictions.  (This clause is
  * necessary due to a potential bad interaction between the GPL and
  * the restrictions contained in a BSD-style copyright.)
  *
@@ -40,6 +40,7 @@
 #include <stdio.h>
 #include <ctype.h>
 #include <errno.h>
+#include <limits.h>
 #include <string.h>
 #include <stdarg.h>
 #include <unistd.h>
@@ -55,6 +56,10 @@
 #include <security/pam_modutil.h>
 #include <security/pam_ext.h>
 
+#define BUF_SIZE 4096
+#define LOGIN_DEFS "/etc/login.defs"
+#define LOGIN_CONF "/etc/default/login"
+
 struct options_t {
   int debug;
   int usergroups;
@@ -105,7 +110,7 @@ search_key (const char *filename)
 
       if (buf == NULL)
         {
-          buflen = 8096;
+          buflen = BUF_SIZE;
           buf = malloc (buflen);
         }
       buf[0] = '\0';
@@ -145,8 +150,7 @@ search_key (const char *filename)
     }
   fclose (fp);
 
-  if (buf)
-    free (buf);
+  free (buf);
 
   return retval;
 }
@@ -161,9 +165,9 @@ get_options (const pam_handle_t *pamh, options_t *options,
     parse_option (pamh, *argv, options);
 
   if (options->umask == NULL)
-    options->umask = search_key ("/etc/login.defs");
+    options->umask = search_key (LOGIN_DEFS);
   if (options->umask == NULL)
-    options->umask = search_key ("/etc/default/login");
+    options->umask = search_key (LOGIN_CONF);
 
   return 0;
 }
@@ -175,8 +179,9 @@ set_umask (const char *value)
   mode_t mask;
   char *endptr;
 
-  mask = strtol (value, &endptr, 8) & 0777;
-  if ((mask == 0) && (value_orig == endptr))
+  mask = strtoul (value, &endptr, 8) & 0777;
+  if (((mask == 0) && (value_orig == endptr)) ||
+      ((mask == ULONG_MAX) && (errno == ERANGE)))
     return;
   umask (mask);
   return;
-- 
cgit v1.2.3