pam_get_item() question
Justin F.
justinf at ccbill.com
Tue Nov 16 19:14:20 UTC 2004
> {
> int retval;
> udataptr myUser = &localUser;
> myConfigPtr myConfig = &localConfig;
> char user[15];
> char *password;
> myUser->usrname=user;
> char error_msg[30];
>
> if( ( retval = pam_get_user( pamh, &( myUser->usrname ), "PAM_test
> login:" ) != PAM_SUCCESS ) ) {
> strcpy( error_msg, "Could not obtain user name: " );
> strcat( error_msg, myUser->usrname );
You do not feel having a fixed length array of 30b with a 28b messages and
strcat'ing a username into it could cause problems?
This leads you with like 1 byte usernames.
> if( ( retval = pam_get_user( pamh, &( myUser->usrname ), "PAM_test
> login:" ) == PAM_SUCCESS ) ) {
> strcpy( error_msg, "Obtained username: " );
> strcat( error_msg, myUser->usrname );
Same deal here, however you have more wiggle room.
However, I am not a pam expert, so I can't really answer your question- I
just noticed those two potential overflows.
Justin F.
> --
> Jason Gerfen
> jason.gerfen at scl.utah.edu
>
> "And remember... If the ladies
> don't find you handsome, they
> should at least find you handy..."
> ~The Red Green show
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
>
>
More information about the Pam-list
mailing list