summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTomas Mraz <tm@t8m.info>2011-03-18 23:15:54 +0000
committerTomas Mraz <tm@t8m.info>2011-03-18 23:15:54 +0000
commitf052833acfa231b68d024fef7637883d81400e42 (patch)
tree6934623919088182297c1f8ee52e03cbe6ba9962
parent24557b231f549dc6511d62f5ad35d15d95e1f44f (diff)
Relevant BUGIDs:
Purpose of commit: bugfix Commit summary: --------------- 2011-03-18 Tomas Mraz <tm@t8m.info> * modules/pam_namespace/md5.c (MD5Final): Clear the whole ctx. * modules/pam_namespace/pam_namespace.c (del_polydir): Guard for NULL poly. (protect_dir): Guard for -1 passing to close(). (ns_setup): Likewise. (pam_sm_open_session): Correctly test for SELinux enabled flag.
-rw-r--r--ChangeLog8
-rw-r--r--modules/pam_namespace/argv_parse.c29
-rw-r--r--modules/pam_namespace/md5.c2
-rw-r--r--modules/pam_namespace/pam_namespace.c17
4 files changed, 37 insertions, 19 deletions
diff --git a/ChangeLog b/ChangeLog
index f787b764..24318182 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2011-03-18 Tomas Mraz <tm@t8m.info>
+
+ * modules/pam_namespace/md5.c (MD5Final): Clear the whole ctx.
+ * modules/pam_namespace/pam_namespace.c (del_polydir): Guard for NULL poly.
+ (protect_dir): Guard for -1 passing to close().
+ (ns_setup): Likewise.
+ (pam_sm_open_session): Correctly test for SELinux enabled flag.
+
2011-03-17 Tomas Mraz <tm@t8m.info>
* modules/pam_selinux/pam_selinux.c (config_context): Fix leak of type.
diff --git a/modules/pam_namespace/argv_parse.c b/modules/pam_namespace/argv_parse.c
index acc76d74..40510542 100644
--- a/modules/pam_namespace/argv_parse.c
+++ b/modules/pam_namespace/argv_parse.c
@@ -44,15 +44,15 @@ int argv_parse(const char *in_buf, int *ret_argc, char ***ret_argv)
{
int argc = 0, max_argc = 0;
char **argv, **new_argv, *buf, ch;
- const char *cp = 0;
- char *outcp = 0;
+ const char *cp = NULL;
+ char *outcp = NULL;
int state = STATE_WHITESPACE;
buf = malloc(strlen(in_buf)+1);
if (!buf)
return -1;
- max_argc = 0; argc = 0; argv = 0;
+ argv = NULL;
outcp = buf;
for (cp = in_buf; (ch = *cp); cp++) {
if (state == STATE_WHITESPACE) {
@@ -111,23 +111,30 @@ int argv_parse(const char *in_buf, int *ret_argc, char ***ret_argv)
}
if (state != STATE_WHITESPACE)
*outcp++ = '\0';
- if (argv == 0) {
- argv = malloc(sizeof(char *));
+ if (ret_argv) {
+ if (argv == NULL) {
+ free(buf);
+ if ((argv=malloc(sizeof(char *))) == NULL)
+ return -1;
+ }
+ argv[argc] = NULL;
+ *ret_argv = argv;
+ } else {
free(buf);
+ free(argv);
}
- argv[argc] = 0;
if (ret_argc)
*ret_argc = argc;
- if (ret_argv)
- *ret_argv = argv;
return 0;
}
void argv_free(char **argv)
{
- if (*argv)
- free(*argv);
- free(argv);
+ if (argv) {
+ if (*argv)
+ free(*argv);
+ free(argv);
+ }
}
#ifdef DEBUG_ARGV_PARSE
diff --git a/modules/pam_namespace/md5.c b/modules/pam_namespace/md5.c
index 3094a130..c79fb357 100644
--- a/modules/pam_namespace/md5.c
+++ b/modules/pam_namespace/md5.c
@@ -148,7 +148,7 @@ void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx)
MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in);
byteReverse((unsigned char *) ctx->buf, 4);
memcpy(digest, ctx->buf, 16);
- memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+ memset(ctx, 0, sizeof(*ctx)); /* In case it's sensitive */
}
/* The four core functions - F1 is optimized somewhat */
diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
index baa7f85a..c47599e0 100644
--- a/modules/pam_namespace/pam_namespace.c
+++ b/modules/pam_namespace/pam_namespace.c
@@ -61,9 +61,11 @@ static void add_polydir_entry(struct instance_data *idata,
static void del_polydir(struct polydir_s *poly)
{
- free(poly->uid);
- free(poly->init_script);
- free(poly);
+ if (poly) {
+ free(poly->uid);
+ free(poly->init_script);
+ free(poly);
+ }
}
/*
@@ -1093,7 +1095,7 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir,
error:
save_errno = errno;
free(p);
- if (dfd != AT_FDCWD)
+ if (dfd != AT_FDCWD && dfd >= 0)
close(dfd);
errno = save_errno;
@@ -1453,8 +1455,9 @@ static int ns_setup(struct polydir_s *polyptr,
return PAM_SESSION_ERR;
}
- if (retval < 0 && (polyptr->flags & POLYDIR_CREATE)) {
- if (create_polydir(polyptr, idata) != PAM_SUCCESS)
+ if (retval < 0) {
+ if ((polyptr->flags & POLYDIR_CREATE) &&
+ create_polydir(polyptr, idata) != PAM_SUCCESS)
return PAM_SESSION_ERR;
} else {
close(retval);
@@ -1966,7 +1969,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
if (strcmp(argv[i], "unmnt_only") == 0)
unmnt = UNMNT_ONLY;
if (strcmp(argv[i], "require_selinux") == 0) {
- if (~(idata.flags & PAMNS_SELINUX_ENABLED)) {
+ if (!(idata.flags & PAMNS_SELINUX_ENABLED)) {
pam_syslog(idata.pamh, LOG_ERR,
"selinux_required option given and selinux is disabled");
return PAM_SESSION_ERR;