+2006-12-09 Thorsten Kukuk <kukuk@thkukuk.de>
+
+ * modules/pam_umask/pam_umask.c: Use strtoul instead of strtol,
+ fix overflow detection.
+
2006-12-06 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_mkhomedir/pam_mkhomedir.c (rec_mkdir): Fix
* written permission.
*
* ALTERNATIVELY, this product may be distributed under the terms of
- * the GNU Public License, in which case the provisions of the GPL are
- * required INSTEAD OF the above restrictions. (This clause is
+ * the GNU Public License V2, in which case the provisions of the GPL
+ * are required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
*
#include <stdio.h>
#include <ctype.h>
#include <errno.h>
+#include <limits.h>
#include <string.h>
#include <stdarg.h>
#include <unistd.h>
#include <security/pam_modutil.h>
#include <security/pam_ext.h>
+#define BUF_SIZE 4096
+#define LOGIN_DEFS "/etc/login.defs"
+#define LOGIN_CONF "/etc/default/login"
+
struct options_t {
int debug;
int usergroups;
if (buf == NULL)
{
- buflen = 8096;
+ buflen = BUF_SIZE;
buf = malloc (buflen);
}
buf[0] = '\0';
}
fclose (fp);
- if (buf)
- free (buf);
+ free (buf);
return retval;
}
parse_option (pamh, *argv, options);
if (options->umask == NULL)
- options->umask = search_key ("/etc/login.defs");
+ options->umask = search_key (LOGIN_DEFS);
if (options->umask == NULL)
- options->umask = search_key ("/etc/default/login");
+ options->umask = search_key (LOGIN_CONF);
return 0;
}
mode_t mask;
char *endptr;
- mask = strtol (value, &endptr, 8) & 0777;
- if ((mask == 0) && (value_orig == endptr))
+ mask = strtoul (value, &endptr, 8) & 0777;
+ if (((mask == 0) && (value_orig == endptr)) ||
+ ((mask == ULONG_MAX) && (errno == ERANGE)))
return;
umask (mask);
return;
projects / linux-pam / commitdiff