Purpose of commit: bugfixes
Commit summary:
---------------
2006-05-22 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_listfile/pam_listfile.c (pam_sm_authenticate):
Fix memory leaks, [#
1490956] found by Coverity.
* modules/pam_tally/pam_tally.c (pam_get_uid): Check return
value of pam_get_user().
(tally_get_data): Check if oldtime is not NULL.
[#
1489818] found by Coverity.
* modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Don't
ignore return value of stat(). [#
1489808] found by Coverity.
* modules/pam_mail/pam_mail.c (get_folder): Fix a potential
NULL pointer dereference. [#
1489792] found by Coverity.
* libpam/Makefile.am: bump release number of libpam.so.
* libpam/pam_misc.c (_pam_mkargv): Fix memory leak,
[#
1489804] found by Coverity.
* modules/pam_echo/pam_echo.c (replace_and_print): Initialize
str, [#
1489658] found by Coverity.
* modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix
a potential NULL pointer dereference.
(pam_sm_chauthtok): Remove dead code.
[#
1489634] found by Coverity.
+2006-05-22 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_listfile/pam_listfile.c (pam_sm_authenticate):
+ Fix memory leaks, [#1490956] found by Coverity.
+
+ * modules/pam_tally/pam_tally.c (pam_get_uid): Check return
+ value of pam_get_user().
+ (tally_get_data): Check if oldtime is not NULL.
+ [#1489818] found by Coverity.
+
+ * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Don't
+ ignore return value of stat(). [#1489808] found by Coverity.
+
+ * modules/pam_mail/pam_mail.c (get_folder): Fix a potential
+ NULL pointer dereference. [#1489792] found by Coverity.
+
+ * libpam/Makefile.am: bump release number of libpam.so.
+ * libpam/pam_misc.c (_pam_mkargv): Fix memory leak,
+ [#1489804] found by Coverity.
+
+ * modules/pam_echo/pam_echo.c (replace_and_print): Initialize
+ str, [#1489658] found by Coverity.
+
+ * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix
+ a potential NULL pointer dereference.
+ (pam_sm_chauthtok): Remove dead code.
+ [#1489634] found by Coverity.
+
2006-05-04 Thorsten Kukuk <kukuk@suse.de>
* configure.in: Check for fseeko.
* pam_tally: Fix support for large UIDs
+* Fixed all problems found by Coverity
Release 0.99.4.0
noinst_HEADERS = pam_prelude.h pam_private.h pam_tokens.h \
pam_modutil_private.h pam_static_modules.h
-libpam_la_LDFLAGS = -no-undefined -version-info 81:3:81 @LIBAUDIT@
+libpam_la_LDFLAGS = -no-undefined -version-info 81:4:81 @LIBAUDIT@
if STATIC_MODULES
libpam_la_LDFLAGS += `ls ../modules/pam_*/*.lo` \
@LIBDB@ @LIBCRYPT@ @LIBNSL@ @LIBCRACK@ -lutil
sbuf = NULL;
D(("loop again?"));
}
- _pam_drop(sbuf_start);
}
+ _pam_drop(sbuf_start);
}
}
-
+
*argv = our_argv;
D(("_pam_mkargv returned"));
error = "expecting '='";
goto parse_error;
}
-
+
/* skip leading space */
while (isspace((int)*tok) && *++tok);
if (!*tok) {
if (!msg) {
retval = pam_get_item(pamh, PAM_USER, &user);
if (retval != PAM_SUCCESS || user == NULL) {
- if (ctrl & PAM_DEBUG_ARG) {
+ if (ctrl & PAM_DEBUG_ARG)
pam_syslog(pamh,LOG_ERR,"Can not get username");
- return PAM_AUTHTOK_ERR;
- }
+ return PAM_AUTHTOK_ERR;
}
msg = check_old_password(user, pass_new);
}
*/
_pam_drop(resp);
} else {
- retval = (retval == PAM_SUCCESS) ?
- PAM_AUTHTOK_RECOVERY_ERR:retval ;
- }
-
- if (retval != PAM_SUCCESS) {
if (ctrl && PAM_DEBUG_ARG)
pam_syslog(pamh, LOG_DEBUG,
"unable to obtain the password a second time");
char *output;
size_t length = strlen (mesg) + PAM_MAX_MSG_SIZE;
char myhostname[HOST_NAME_MAX+1];
- const void *str;
+ const void *str = NULL;
const char *p, *q;
int item;
size_t len;
onerr = PAM_SUCCESS;
else if(!strcmp(myval,"fail"))
onerr = PAM_SERVICE_ERR;
- else
+ else {
+ if (ifname) free (ifname);
return PAM_SERVICE_ERR;
+ }
else if(!strcmp(mybuf,"sense"))
if(!strcmp(myval,"allow"))
sense=0;
else if(!strcmp(myval,"deny"))
sense=1;
- else
+ else {
+ if (ifname) free (ifname);
return onerr;
+ }
else if(!strcmp(mybuf,"file")) {
+ if (ifname) free (ifname);
ifname = (char *)malloc(strlen(myval)+1);
if (!ifname)
return PAM_BUF_ERR;
) {
pam_syslog(pamh,LOG_ERR,
"Invalid usage for apply= parameter");
+ free (ifname);
return onerr;
}
/* pam_mail module */
/*
- * $Id$
- *
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
* $HOME additions by David Kinchlea <kinch@kinch.ark.com> 1997/1/7
* mailhash additions by Chris Adams <cadams@ro.com> 1998/7/11
retval = PAM_BUF_ERR;
if (ctrl & PAM_HOME_MAIL) {
+ if (pwd == NULL) {
+ pwd = pam_modutil_getpwnam(pamh, user);
+ if (pwd == NULL) {
+ pam_syslog(pamh, LOG_ERR, "user unknown");
+ retval = PAM_USER_UNKNOWN;
+ goto get_folder_cleanup;
+ }
+ }
if (asprintf(&folder, MAIL_FILE_FORMAT, pwd->pw_dir, "", path) < 0)
goto get_folder_cleanup;
} else {
return PAM_PERM_DENIED;
}
- stat(newsource,&St);
+ if (stat(newsource,&St) != 0)
+ {
+ pam_syslog(pamh, LOG_DEBUG, "unable to stat src file %s: %m",
+ newsource);
+ close(SrcFd);
+ closedir(D);
+
+#ifndef PATH_MAX
+ free(newsource); newsource = NULL;
+ free(newdest); newdest = NULL;
+#endif
+
+ return PAM_PERM_DENIED;
+ }
/* Open the dest file */
if ((DestFd = open(newdest,O_WRONLY | O_TRUNC | O_CREAT,0600)) < 0)
#ifdef MAIN
user = cline_user;
#else
- pam_get_user( pamh, &user, NULL );
+ if ((pam_get_user( pamh, &user, NULL )) != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "pam_get_user; user?");
+ return PAM_AUTH_ERR;
+ }
#endif
if ( !user || !*user ) {
}
else {
rv = -1;
- *oldtime = 0;
+ if (oldtime)
+ *oldtime = 0;
}
return rv;
}
projects / linux-pam / commitdiff