Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/usr.bin/login Avoid use-after-free bug in PAM environment
details: https://anonhg.NetBSD.org/src/rev/fd9be88276d0
branches: trunk
changeset: 744636:fd9be88276d0
user: kamil <kamil%NetBSD.org@localhost>
date: Sat Feb 08 13:44:35 2020 +0000
description:
Avoid use-after-free bug in PAM environment
Traditional BSD putenv(3) was creating an internal copy of the passed
argument. Unfortunately this was causing memory leaks and was changed by
POSIX to not allocate.
Adapt the putenv(3) usage to modern POSIX (and NetBSD) semantics.
diffstat:
usr.bin/login/login_pam.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diffs (29 lines):
diff -r 1a53b2979c14 -r fd9be88276d0 usr.bin/login/login_pam.c
--- a/usr.bin/login/login_pam.c Sat Feb 08 13:33:56 2020 +0000
+++ b/usr.bin/login/login_pam.c Sat Feb 08 13:44:35 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: login_pam.c,v 1.25 2015/10/29 11:31:52 shm Exp $ */
+/* $NetBSD: login_pam.c,v 1.26 2020/02/08 13:44:35 kamil Exp $ */
/*-
* Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
@@ -39,7 +39,7 @@
#if 0
static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94";
#endif
-__RCSID("$NetBSD: login_pam.c,v 1.25 2015/10/29 11:31:52 shm Exp $");
+__RCSID("$NetBSD: login_pam.c,v 1.26 2020/02/08 13:44:35 kamil Exp $");
#endif /* not lint */
/*
@@ -602,8 +602,8 @@
char **envitem;
for (envitem = pamenv; *envitem; envitem++) {
- putenv(*envitem);
- free(*envitem);
+ if (putenv(*envitem) == -1)
+ free(*envitem);
}
free(pamenv);
Home |
Main Index |
Thread Index |
Old Index