From: Andrew G. Morgan Date: Sun, 26 Nov 2000 07:32:39 +0000 (+0000) Subject: Relevant BUGIDs: 116076 X-Git-Tag: Linux-PAM-0-73~7 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6b6fbdbcf1fe84f6b82fe71c178cb6466f76f5e3;p=linux-pam Relevant BUGIDs: 116076 Purpose of commit: bugfix Commit summary: --------------- Added pam_time/pam_group fixes for infinite loop when reading '\\[^\n]' in their config files and also added support for '/'. The latter makes both of these modules support modern tty handling. --- diff --git a/CHANGELOG b/CHANGELOG index f45da409..d574b6ff 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -35,6 +35,9 @@ Where you should replace XXXXX with a bug-id. 0.73: please submit patches for this section with actual code/doc patches! +* added support for '/' symbols in pam_time and pam_group config files + (support for modern terminal devices). Fixed infinite loop problem + with '\\[^\n]' in these files. (Bug 116076 - agmorgan) * avoid potential SIGPIPE when writing to helper binaries with (Bug 123399 - agmorgan) * replaced bogus logic in the pam_cracklib module for determining if diff --git a/modules/pam_group/group.conf b/modules/pam_group/group.conf index bdd76adb..e721b990 100644 --- a/modules/pam_group/group.conf +++ b/modules/pam_group/group.conf @@ -10,7 +10,7 @@ # *** NOT inherently secure. If a user can create an executable that # *** is setgid a group that they are infrequently given membership # *** of, they can basically obtain group membership any time they -# *** like. Example: games are alowed between the hours of 6pm and 6am +# *** like. Example: games are allowed between the hours of 6pm and 6am # *** user joe logs in at 7pm writes a small C-program toplay.c that # *** invokes their favorite shell, compiles it and does # *** "chgrp games toplay; chmod g+s toplay". They are basically able diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index 2b820df2..af3c7ef3 100644 
--- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -165,6 +165,8 @@ static int read_field(int fd, char **buf, int *from, int *to) if ((*buf)[i+1] == '\n') { shift_bytes(i + *buf, 2, *to - (i+2)); *to -= 2; + } else { + ++i; /* we don't escape non-newline characters */ } break; case '!': @@ -245,7 +247,7 @@ static int logic_member(const char *string, int *at) default: if (isalpha(c) || c == '*' || isdigit(c) || c == '_' - || c == '-' || c == '.') { + || c == '-' || c == '.' || c == '/') { token = 1; } else if (token) { --to; diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c index b3ce0df9..0964f776 100644 --- a/modules/pam_time/pam_time.c +++ b/modules/pam_time/pam_time.c @@ -166,6 +166,8 @@ static int read_field(int fd, char **buf, int *from, int *to) if ((*buf)[i+1] == '\n') { shift_bytes(i + *buf, 2, *to - (i+2)); *to -= 2; + } else { + ++i; /* we don't escape non-newline characters */ } break; case '!': @@ -247,7 +249,7 @@ static int logic_member(const char *string, int *at) default: if (isalpha(c) || c == '*' || isdigit(c) || c == '_' - || c == '-' || c == '.') { + || c == '-' || c == '.' || c == '/') { token = 1; } else if (token) { --to;
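Review bot: In the read_field hunk of modules/pam_group/pam_group.c (@@ -165,6 +165,8), the lookahead (*buf)[i+1] and the new ++i both assume there is a byte after the backslash, and nothing visible in the hunk checks i+1 against *to. If the backslash is the last byte currently held in the buffer, the comparison reads one position past the valid data and ++i then moves the index beyond it. Suggest guarding the branch with i+1 < *to, or adding a comment that names the invariant in the enclosing loop that makes this safe. The comment "we don't escape non-newline characters" says what the parser does not do; it would be clearer to say what ++i is for, which going by the commit summary is to move past the backslash so the parser stops looping on it.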
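Review bot: In the logic_member hunk of modules/pam_group/pam_group.c (@@ -245,7 +247,7), '/' is added to the character set for every token this function accepts, yet the only config-file change in the patch is a spelling fix in group.conf. The commit summary gives modern tty handling as the reason, so suggest documenting the new syntax in the group.conf comments (and in the pam_time config file) with an example terminal entry that contains '/'. The CHANGELOG line alone will not reach an administrator editing those files.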
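Review bot: The two hunks in modules/pam_time/pam_time.c repeat the two in modules/pam_group/pam_group.c line for line: the same else branch in read_field and the same condition in logic_member. Because this bug had to be fixed twice, consider moving read_field and logic_member into one shared source file used by both modules. Until then, any later change to the (*buf)[i+1] lookahead or to the token character set has to be applied in both files, and it is easy to miss one.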