tech-toolchain archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: libpam segfault when passwd passes NULL pamh (was Re: gcc -O2 produces invalid object code (x86_64, netbsd-5 branch))

On Mon, Mar 08, 2010 at 04:05:29PM -0500, Richard Hansen wrote:
> Joerg Sonnenberger wrote:
> >On Mon, Mar 08, 2010 at 03:16:29PM -0500, Richard Hansen wrote:
> >>There's at least one other way pam_start() can fail:  if you
> >>misspell the name of a pam module in an /etc/pam.d file.  (Can
> >>you guess how I originally stumbled across the segfault? :-P)  A
> >>"module not found" message would be useful.
> >
> >Yes, but that error is not send down in any meaningful way.
> I'm not sure what you mean -- passwd prints the error message to
> stderr.  Other apps might not have a useful way to deliver the error
> message to the user, but that's for the apps to figure out.

Anything more than a plain number and fixed error message is not
possible with the constraints of the interface.

> >I think the problem will remain the same though -- you can't
> >assume pam_strerror will work after a failing pam_start.
> We can if pam_strerror(3) says it will.  :)

So Sun at least documents that pam_strerror(3) can be called explicitly
with NULL as handle if pam_start(3) failed. XSSO is silent on the topic,
but it is the most sensible behavior.


Home | Main Index | Thread Index | Old Index