From 820abd9df1b84d656e50b099d84b3a569530e081 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Tue, 3 Mar 2009 08:08:51 +0000 Subject: [PATCH] Relevant BUGIDs: Purpose of commit: bugfix Commit summary: --------------- 2009-03-03 Tomas Mraz * modules/pam_unix/pam_unix_acct.c(_unix_run_verify_binary): Test for abnormal exit of the helper binary. * modules/pam_unix/pam_unix_passwd.c(_unix_run_update_binary): Likewise. * modules/pam_unix/support.c(_unix_run_helper_binary): Likewise. --- ChangeLog | 7 +++++++ modules/pam_unix/pam_unix_acct.c | 3 +++ modules/pam_unix/pam_unix_passwd.c | 7 +++++-- modules/pam_unix/support.c | 3 +++ 4 files changed, 18 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index bb5dc359..5c18989b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2009-03-03 Tomas Mraz + + * modules/pam_unix/pam_unix_acct.c(_unix_run_verify_binary): Test + for abnormal exit of the helper binary. + * modules/pam_unix/pam_unix_passwd.c(_unix_run_update_binary): Likewise. + * modules/pam_unix/support.c(_unix_run_helper_binary): Likewise. + 2009-02-26 Tomas Mraz * xtests/Makefile.am: Add tst-pam_unix4. diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c index 909545cc..6aa66e80 100644 --- a/modules/pam_unix/pam_unix_acct.c +++ b/modules/pam_unix/pam_unix_acct.c @@ -139,6 +139,9 @@ int _unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl, if (rc<0) { pam_syslog(pamh, LOG_ERR, "unix_chkpwd waitpid returned %d: %m", rc); retval = PAM_AUTH_ERR; + } else if (!WIFEXITED(retval)) { + pam_syslog(pamh, LOG_ERR, "unix_chkpwd abnormal exit: %d", retval); + retval = PAM_AUTH_ERR; } else { retval = WEXITSTATUS(retval); rc = pam_modutil_read(fds[0], buf, sizeof(buf) - 1); diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index d221220f..5207d535 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -225,8 +225,11 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const rc=waitpid(child, &retval, 0); /* wait for helper to complete */ if (rc<0) { pam_syslog(pamh, LOG_ERR, "unix_update waitpid failed: %m"); - retval = PAM_AUTH_ERR; - } else { + retval = PAM_AUTHTOK_ERR; + } else if (!WIFEXITED(retval)) { + pam_syslog(pamh, LOG_ERR, "unix_update abnormal exit: %d", retval); + retval = PAM_AUTHTOK_ERR; + } else { retval = WEXITSTATUS(retval); } } else { diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index b82cad26..ff123f35 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -475,6 +475,9 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd, if (rc<0) { pam_syslog(pamh, LOG_ERR, "unix_chkpwd waitpid returned %d: %m", rc); retval = PAM_AUTH_ERR; + } else if (!WIFEXITED(retval)) { + pam_syslog(pamh, LOG_ERR, "unix_chkpwd abnormal exit: %d", retval); + retval = PAM_AUTH_ERR; } else { retval = WEXITSTATUS(retval); } -- 2.40.0