]> granicus.if.org Git - linux-pam/commit
projects / linux-pam / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: caf5e7f) | patch
pam_env: abort when encountering an overflowed environment variable expansion
authorKees Cook <kees@debian.org>
Fri, 14 Oct 2011 19:47:23 +0000 (19:47 +0000)
committerDmitry V. Levin <ldv@altlinux.org>
Fri, 14 Oct 2011 19:47:23 +0000 (19:47 +0000)
commit109823cb621c900c07c4b6cdc99070d354d19444
treef75f2de0f16559f9dbbd60d8aa5312d22b5a7b56tree | snapshot
parentcaf5e7f61c8d9288daa49b4f61962e6b1239121dcommit | diff
pam_env: abort when encountering an overflowed environment variable expansion

* modules/pam_env/pam_env.c (_expand_arg): Abort when encountering an
overflowed environment variable expansion.
Fixes CVE-2011-3149.
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565
ChangeLog diff | blob | history
modules/pam_env/pam_env.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.