From: Tomas Mraz Date: Tue, 3 Mar 2009 08:10:53 +0000 (+0000) Subject: Relevant BUGIDs: X-Git-Tag: Linux-PAM-1_0_91~2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5814c9064606215dca37b138a12822d66ca2b312;p=linux-pam Relevant BUGIDs: Purpose of commit: bugfix Commit summary: --------------- 2009-03-03 Tomas Mraz * modules/pam_unix/pam_unix_acct.c(_unix_run_verify_binary): Test for abnormal exit of the helper binary. * modules/pam_unix/pam_unix_passwd.c(_unix_run_update_binary): Likewise. * modules/pam_unix/support.c(_unix_run_helper_binary): Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c(create_homedir): Likewise. --- diff --git a/ChangeLog b/ChangeLog index 5abf28e3..2d725190 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2009-03-03 Tomas Mraz + + * modules/pam_unix/pam_unix_acct.c(_unix_run_verify_binary): Test + for abnormal exit of the helper binary. + * modules/pam_unix/pam_unix_passwd.c(_unix_run_update_binary): Likewise. + * modules/pam_unix/support.c(_unix_run_helper_binary): Likewise. + * modules/pam_mkhomedir/pam_mkhomedir.c(create_homedir): Likewise. + 2009-02-27 Tomas Mraz * modules/pam_mkhomedir/pam_mkhomedir.c(create_homedir): Replace diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c index 1beb2d9f..419b525a 100644 --- a/modules/pam_mkhomedir/pam_mkhomedir.c +++ b/modules/pam_mkhomedir/pam_mkhomedir.c @@ -159,7 +159,10 @@ create_homedir (pam_handle_t *pamh, int ctrl, if (rc < 0) { pam_syslog(pamh, LOG_ERR, "waitpid failed: %m"); retval = PAM_SYSTEM_ERR; - } else { + } else if (!WIFEXITED(retval)) { + pam_syslog(pamh, LOG_ERR, "mkhomedir_helper abnormal exit: %d", retval); + retval = PAM_SYSTEM_ERR; + } else { retval = WEXITSTATUS(retval); } } else { diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c index f8698337..4e119340 100644 --- a/modules/pam_unix/pam_unix_acct.c +++ b/modules/pam_unix/pam_unix_acct.c @@ -140,6 +140,9 @@ int _unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl, if (rc<0) { pam_syslog(pamh, LOG_ERR, "unix_chkpwd waitpid returned %d: %m", rc); retval = PAM_AUTH_ERR; + } else if (!WIFEXITED(retval)) { + pam_syslog(pamh, LOG_ERR, "unix_chkpwd abnormal exit: %d", retval); + retval = PAM_AUTH_ERR; } else { retval = WEXITSTATUS(retval); rc = pam_modutil_read(fds[0], buf, sizeof(buf) - 1); diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index 9386d87f..ab1adda0 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -227,8 +227,11 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const rc=waitpid(child, &retval, 0); /* wait for helper to complete */ if (rc<0) { pam_syslog(pamh, LOG_ERR, "unix_update waitpid failed: %m"); - retval = PAM_AUTH_ERR; - } else { + retval = PAM_AUTHTOK_ERR; + } else if (!WIFEXITED(retval)) { + pam_syslog(pamh, LOG_ERR, "unix_update abnormal exit: %d", retval); + retval = PAM_AUTHTOK_ERR; + } else { retval = WEXITSTATUS(retval); } } else { diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 6e1bd454..dda617a0 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -489,6 +489,9 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd, if (rc<0) { pam_syslog(pamh, LOG_ERR, "unix_chkpwd waitpid returned %d: %m", rc); retval = PAM_AUTH_ERR; + } else if (!WIFEXITED(retval)) { + pam_syslog(pamh, LOG_ERR, "unix_chkpwd abnormal exit: %d", retval); + retval = PAM_AUTH_ERR; } else { retval = WEXITSTATUS(retval); }