security/linux-pam/musl.patch

Fri, 15 Nov 2019 20:05:00 +0100

author
David Demelier <markand@malikania.fr>
date
Fri, 15 Nov 2019 20:05:00 +0100
changeset 1207
c9592a9a949b
parent 385
3b0114bc7438
permissions
-rw-r--r--

python/python2: add DEPRECATED tag

--- modules/pam_exec/pam_exec.c.orig
+++ modules/pam_exec/pam_exec.c
@@ -103,11 +103,14 @@
   int optargc;
   const char *logfile = NULL;
   const char *authtok = NULL;
+  char authtok_buf[PAM_MAX_RESP_SIZE+1];
+
   pid_t pid;
   int fds[2];
   int stdout_fds[2];
   FILE *stdout_file = NULL;
 
+  memset(authtok_buf, 0, sizeof(authtok_buf));
   if (argc < 1) {
     pam_syslog (pamh, LOG_ERR,
 		"This module needs at least one argument");
@@ -180,12 +183,12 @@
 	      if (resp)
 		{
 		  pam_set_item (pamh, PAM_AUTHTOK, resp);
-		  authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
+		  authtok = strncpy (authtok_buf, resp, sizeof (authtok_buf));
 		  _pam_drop (resp);
 		}
 	    }
 	  else
-	    authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
+	    authtok = strncpy (authtok_buf, void_pass, sizeof (authtok_buf));
 
 	  if (pipe(fds) != 0)
 	    {
--- modules/pam_lastlog/pam_lastlog.c.orig
+++ modules/pam_lastlog/pam_lastlog.c
@@ -10,6 +10,7 @@
 
 #include "config.h"
 
+#include <paths.h>
 #include <fcntl.h>
 #include <time.h>
 #include <errno.h>
@@ -48,6 +49,10 @@
 
 #ifndef _PATH_BTMP
 # define _PATH_BTMP "/var/log/btmp"
+#endif
+
+#ifndef __GLIBC__
+#define logwtmp(args...)
 #endif
 
 /* XXX - time before ignoring lock. Is 1 sec enough? */

mercurial