From 276ad5b8e48aa77c24ef25e18d2e97f66c83d68c Mon Sep 17 00:00:00 2001
From: ikerexxe <ipedrosa@redhat.com>
Date: Mon, 29 Jun 2020 16:06:28 +0200
Subject: pam_loginuid: fix unlikely negative 3rd argument of strncmp on error
 path

[ldv: rewrote commit message]

* modules/pam_loginuid/pam_loginuid.c (set_loginuid): Do not pass to
strncmp the return value of pam_modutil_read in an unlikely case when
the latter fails to read from /proc/self/uid_map.
---
 modules/pam_loginuid/pam_loginuid.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules')

diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c
index 62dd3d59..6f5a6380 100644
--- a/modules/pam_loginuid/pam_loginuid.c
+++ b/modules/pam_loginuid/pam_loginuid.c
@@ -65,7 +65,7 @@ static int set_loginuid(pam_handle_t *pamh, uid_t uid)
 	fd = open("/proc/self/uid_map", O_RDONLY);
 	if (fd >= 0) {
 		count = pam_modutil_read(fd, uid_map, sizeof(uid_map));
-		if (strncmp(uid_map, host_uid_map, count) != 0)
+		if (count <= 0 || strncmp(uid_map, host_uid_map, count) != 0)
 			rc = PAM_IGNORE;
 		close(fd);
 	}
-- 
cgit v1.2.3