Relevant BUGIDs: patch 476968

Purpose of commit: bugfix

Commit summary:
---------------
Patch from Nalin Dahyabhai to prevent a buffer overflow in pam_issue
(rare, but could be triggered by a race condition when the admin updates
/etc/issue).

diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c
index 1f4853dedc31c3b652bb5f1c8c11a592e6ce016a..67f40c85a4d887f1ff814d986ab45254d83ce959 100644 (file)
--- a/modules/pam_issue/pam_issue.c
+++ b/modules/pam_issue/pam_issue.c
@@ -111,7 +111,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
                return PAM_IGNORE;
            }
            memset (prompt_tmp, '\0', st.st_size + 1);
-           count = fread(prompt_tmp, sizeof(char *), st.st_size, fd);
+           count = fread(prompt_tmp, 1, st.st_size, fd);
            if (count != st.st_size) {
                free(prompt_tmp);
                return PAM_IGNORE;