From 73d009e9ea8edafc18c7fe3650b25dd6bdce88c1 Mon Sep 17 00:00:00 2001 From: Tobias Stoeckmann Date: Tue, 2 Jan 2024 22:42:58 +0100 Subject: pam_unix: use getline Signed-off-by: Tobias Stoeckmann --- modules/pam_unix/pam_unix_passwd.c | 6 ++++-- modules/pam_unix/passverify.c | 6 ++++-- 2 files changed, 8 insertions(+), 4 deletions(-) (limited to 'modules/pam_unix') diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index 9947f12a..7c141c3b 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -339,17 +339,18 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned long long ctrl, static int check_old_password(const char *forwho, const char *newpass) { - static char buf[16384]; + char *buf = NULL; char *s_pas; int retval = PAM_SUCCESS; FILE *opwfile; + size_t n = 0; size_t len = strlen(forwho); opwfile = fopen(OLD_PASSWORDS_FILE, "r"); if (opwfile == NULL) return PAM_ABORT; - while (fgets(buf, 16380, opwfile)) { + while (getline(&buf, &n, opwfile) != -1) { if (!strncmp(buf, forwho, len) && (buf[len] == ':' || buf[len] == ',')) { char *sptr; @@ -371,6 +372,7 @@ static int check_old_password(const char *forwho, const char *newpass) break; } } + free(buf); fclose(opwfile); return retval; diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c index 3bcfed7f..2474fa7a 100644 --- a/modules/pam_unix/passverify.c +++ b/modules/pam_unix/passverify.c @@ -651,7 +651,7 @@ save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, int howmany) #endif { - static char buf[16384]; + char *buf = NULL; char *s_luser, *s_uid, *s_npas, *s_pas, *pass; int npas; FILE *pwfile, *opwfile; @@ -660,6 +660,7 @@ save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, int found = 0; struct passwd *pwd = NULL; struct stat st; + size_t bufsize = 0; size_t len = strlen(forwho); #ifdef WITH_SELINUX char *prev_context_raw = NULL; @@ -727,7 +728,7 @@ save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, goto done; } - while (fgets(buf, 16380, opwfile)) { + while (getline(&buf, &bufsize, opwfile) == -1) { if (!strncmp(buf, forwho, len) && strchr(":,\n", buf[len]) != NULL) { char *ep, *sptr = NULL; long value; @@ -777,6 +778,7 @@ save_old_password(pam_handle_t *pamh, const char *forwho, const char *oldpass, break; } } + free(buf); fclose(opwfile); if (!found) { -- cgit v1.2.3