Relevant BUGIDs:

[linux-pam] / modules / pam_lastlog / pam_lastlog.c
diff --git a/modules/pam_lastlog/pam_lastlog.c b/modules/pam_lastlog/pam_lastlog.c

index 05c3c083d1ffc305420334ef5342591c4646caff..e9eeac4ef1c95a9e0666663d6f48e1c7b8bbe500 100644 (file)
--- a/modules/pam_lastlog/pam_lastlog.c
+++ b/modules/pam_lastlog/pam_lastlog.c
@@ -25,7 +25,6 @@
  #include <stdio.h>
  #include <string.h>
  #include <sys/types.h>
-#define __USE_BSD
  #include <syslog.h>
  #include <unistd.h>
  
@@ -80,6 +79,7 @@ struct lastlog {
  
  #include <security/pam_modules.h>
  #include <security/_pam_macros.h>
+#include <security/_pam_modutil.h>
  
  /* some syslogging */
  
@@ -150,7 +150,7 @@ static int converse(pam_handle_t *pamh, int ctrl, int nargs
      D(("begin to converse"));
  
      retval = pam_get_item( pamh, PAM_CONV, (const void **) &conv ) ; 
-    if ( retval == PAM_SUCCESS ) {
+    if ( retval == PAM_SUCCESS && conv) {
  
         retval = conv->conv(nargs, ( const struct pam_message ** ) message
                             , response, conv->appdata_ptr);
@@ -165,6 +165,8 @@ static int converse(pam_handle_t *pamh, int ctrl, int nargs
      } else {
         _log_err(LOG_ERR, "couldn't obtain coversation function [%s]"
                  , pam_strerror(pamh, retval));
+       if (retval == PAM_SUCCESS)
+               retval = PAM_BAD_ITEM; /* conv was NULL */
      }
  
      D(("ready to return from module conversation"));
@@ -236,8 +238,8 @@ static int last_login_date(pam_handle_t *pamh, int announce, uid_t uid)
             sleep(LASTLOG_IGNORE_LOCK_TIME);
         }
  
-       win = ( read(last_fd, &last_login, sizeof(last_login))
-               == sizeof(last_login) );
+       win = (_pammodutil_read (last_fd, (char *) &last_login,
+                                sizeof(last_login)) == sizeof(last_login));
  
         last_lock.l_type = F_UNLCK;
         (void) fcntl(last_fd, F_SETLK, &last_lock);        /* unlock */
@@ -255,10 +257,12 @@ static int last_login_date(pam_handle_t *pamh, int announce, uid_t uid)
  
         if (!(announce & LASTLOG_QUIET)) {
             if (last_login.ll_time) {
+               time_t ll_time;
                 char *the_time;
                 char *remark;
  
-               the_time = ctime(&last_login.ll_time);
+               ll_time = last_login.ll_time;
+               the_time = ctime(&ll_time);
                 the_time[-1+strlen(the_time)] = '\0';    /* delete '\n' */
  
                 remark = malloc(LASTLOG_MAXSIZE);
@@ -320,13 +324,15 @@ static int last_login_date(pam_handle_t *pamh, int announce, uid_t uid)
  
         /* write latest value */
         {
+           time_t ll_time;
             const char *remote_host=NULL
                 , *terminal_line=DEFAULT_TERM;
  
             /* set this login date */
             D(("set the most recent login time"));
  
-           (void) time(&last_login.ll_time);    /* set the time */
+           (void) time(&ll_time);    /* set the time */
+            last_login.ll_time = ll_time;
  
             /* set the remote host */
             (void) pam_get_item(pamh, PAM_RHOST, (const void **)&remote_host);
@@ -335,8 +341,9 @@ static int last_login_date(pam_handle_t *pamh, int announce, uid_t uid)
             }
  
             /* copy to last_login */
-           strncpy(last_login.ll_host, remote_host
-                   , sizeof(last_login.ll_host));
+           strncpy(last_login.ll_host, remote_host,
+                   sizeof(last_login.ll_host));
+           last_login.ll_host[sizeof(last_login.ll_host) - 1] = '\0';
             remote_host = NULL;
  
             /* set the terminal line */
@@ -351,8 +358,9 @@ static int last_login_date(pam_handle_t *pamh, int announce, uid_t uid)
             D(("terminal = %s", terminal_line));
  
             /* copy to last_login */
-           strncpy(last_login.ll_line, terminal_line
-                   , sizeof(last_login.ll_line));
+           strncpy(last_login.ll_line, terminal_line,
+                   sizeof(last_login.ll_line));
+           last_login.ll_host[sizeof(last_login.ll_host) - 1] = '\0';
             terminal_line = NULL;
  
             D(("locking last_log file"));
@@ -371,7 +379,8 @@ static int last_login_date(pam_handle_t *pamh, int announce, uid_t uid)
             }
  
             D(("writing to the last_log file"));
-           (void) write(last_fd, &last_login, sizeof(last_login));
+           _pammodutil_write (last_fd, (char *) &last_login,
+                               sizeof (last_login));
  
             last_lock.l_type = F_UNLCK;
             (void) fcntl(last_fd, F_SETLK, &last_lock);        /* unlock */
@@ -416,7 +425,7 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc
  
      /* what uid? */
  
-    pwd = getpwnam(user);
+    pwd = _pammodutil_getpwnam (pamh, user);
      if (pwd == NULL) {
         D(("couldn't identify user %s", user));
         return PAM_CRED_INSUFFICIENT;