[PATCH 4/4] pam_lastlog: Fix potential segfault when terminal_line is NULL.
Robin Hack
rhack at redhat.com
Thu Aug 14 05:13:28 UTC 2014
Hi Tomas.
You are right. Thanks.
On Wed, Aug 13, 2014 at 03:07:53PM +0200, Tomas Mraz wrote:
> On St, 2014-08-13 at 14:27 +0200, Robin Hack wrote:
> > ---
> > modules/pam_lastlog/pam_lastlog.c | 8 ++++++--
> > 1 file changed, 6 insertions(+), 2 deletions(-)
> >
> > diff --git a/modules/pam_lastlog/pam_lastlog.c b/modules/pam_lastlog/pam_lastlog.c
> > index 50d33e4..1bd6d65 100644
> > --- a/modules/pam_lastlog/pam_lastlog.c
> > +++ b/modules/pam_lastlog/pam_lastlog.c
> > @@ -176,12 +176,16 @@ get_tty(pam_handle_t *pamh)
> > if (pam_get_item(pamh, PAM_TTY, &void_terminal_line) != PAM_SUCCESS
> > || void_terminal_line == NULL) {
> > terminal_line = DEFAULT_TERM;
> > + D(("terminal = %s", terminal_line));
> > + return terminal_line;
> > } else {
> > terminal_line = void_terminal_line;
> > + D(("terminal = %s", terminal_line));
> > + return terminal_line;
> > }
> > if (!strncmp("/dev/", terminal_line, 5)) {
> > - /* strip leading "/dev/" from tty. */
> > - terminal_line += 5;
> > + /* strip leading "/dev/" from tty. */
> > + terminal_line += 5;
> > }
> > D(("terminal = %s", terminal_line));
> > return terminal_line;
>
> I do not understand the purpose of this patch. The terminal_line cannot
> be NULL because in case the pam_get_item fails or returns NULL in
> void_terminal_line the DEFAULT_TERM constant is used.
>
> --
> Tomas Mraz
> No matter how far down the wrong road you've gone, turn back.
> Turkish proverb
> (You'll never know whether the road is wrong though.)
>
>
> _______________________________________________
> Pam-list mailing list
> Pam-list at redhat.com
> https://www.redhat.com/mailman/listinfo/pam-list
More information about the Pam-list
mailing list