pam: modules/pam_console/handlers.c - fix memory corruption when executing ...
baggins
baggins at pld-linux.org
Mon Nov 9 13:04:58 CET 2009
Author: baggins Date: Mon Nov 9 12:04:58 2009 GMT
Module: pam Tag: HEAD
---- Log message:
- fix memory corruption when executing handlers (patch by Stas Sergeev)
and a few more fixes in the handler execution code (FC #532302)
---- Files affected:
pam/modules/pam_console:
handlers.c (1.1 -> 1.2)
---- Diffs:
================================================================
Index: pam/modules/pam_console/handlers.c
diff -u pam/modules/pam_console/handlers.c:1.1 pam/modules/pam_console/handlers.c:1.2
--- pam/modules/pam_console/handlers.c:1.1 Mon Feb 5 00:11:52 2007
+++ pam/modules/pam_console/handlers.c Mon Nov 9 13:04:52 2009
@@ -172,13 +172,13 @@
const char *flagptr;
const char **argv;
int i = 0;
- argv = malloc(sizeof(*argv)*nparams+2);
-
+ argv = malloc(sizeof(*argv)*(nparams+2));
+
if (argv == NULL)
return;
-
+
argv[i++] = handler->executable;
-
+
for (flagptr = handler->flags; *flagptr != '\0'; flagptr += strlen(flagptr)+1) {
switch (testflag(flagptr)) {
case HF_LOGFAIL:
@@ -231,7 +231,7 @@
}
sighandler = signal(SIGCHLD, SIG_DFL);
-
+
child = fork();
switch (child) {
case -1:
@@ -246,30 +246,31 @@
if (!wait_exit) {
switch(fork()) {
case 0:
- exit(0);
+ if(setsid() == -1) {
+ _exit(255);
+ }
+ break;
case -1:
- exit(255);
+ _exit(255);
default:
- if(setsid() == -1) {
- exit(255);
- }
+ _exit(0);
}
}
if (set_uid) {
struct passwd *pw;
pw = getpwnam(user);
if (pw == NULL)
- exit(255);
+ _exit(255);
if (setgid(pw->pw_gid) == -1 ||
setuid(pw->pw_uid) == -1)
- exit(255);
+ _exit(255);
}
call_exec(handler, nparams, user, tty);
- exit(255);
+ _exit(255);
default:
break;
}
-
+
waitpid(child, &rv, 0);
if (sighandler != SIG_ERR)
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/pam/modules/pam_console/handlers.c?r1=1.1&r2=1.2&f=u
More information about the pld-cvs-commit
mailing list