Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/login Avoid use-after-free bug in PAM environment
details: https://anonhg.NetBSD.org/src/rev/c6ac0e50f700
branches: trunk
changeset: 1007165:c6ac0e50f700
user: kamil <kamil%NetBSD.org@localhost>
date: Sat Feb 08 13:44:35 2020 +0000
description:
Avoid use-after-free bug in PAM environment
Traditional BSD putenv(3) was creating an internal copy of the passed
argument. Unfortunately this was causing memory leaks and was changed by
POSIX to not allocate.
Adapt the putenv(3) usage to modern POSIX (and NetBSD) semantics.
diffstat:
usr.bin/login/login_pam.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diffs (29 lines):
diff -r 19f6ab167fd1 -r c6ac0e50f700 usr.bin/login/login_pam.c
--- a/usr.bin/login/login_pam.c Sat Feb 08 13:33:56 2020 +0000
+++ b/usr.bin/login/login_pam.c Sat Feb 08 13:44:35 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: login_pam.c,v 1.25 2015/10/29 11:31:52 shm Exp $ */
+/* $NetBSD: login_pam.c,v 1.26 2020/02/08 13:44:35 kamil Exp $ */
/*-
* Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
@@ -39,7 +39,7 @@
#if 0
static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94";
#endif
-__RCSID("$NetBSD: login_pam.c,v 1.25 2015/10/29 11:31:52 shm Exp $");
+__RCSID("$NetBSD: login_pam.c,v 1.26 2020/02/08 13:44:35 kamil Exp $");
#endif /* not lint */
/*
@@ -602,8 +602,8 @@
char **envitem;
for (envitem = pamenv; *envitem; envitem++) {
- putenv(*envitem);
- free(*envitem);
+ if (putenv(*envitem) == -1)
+ free(*envitem);
}
free(pamenv);
Home |
Main Index |
Thread Index |
Old Index