summaryrefslogtreecommitdiff
path: root/debian/patches-applied/pam_env_ignore_garbage.patch
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2019-01-02 12:24:44 -0800
committerSteve Langasek <vorlon@debian.org>2019-01-02 12:27:24 -0800
commita6f4ab0bebc76acf85cc0244bd21c1036009c28c (patch)
treedf0d6a57d2b91ab9038e8d7b0d62f28c2daa66db /debian/patches-applied/pam_env_ignore_garbage.patch
parent10b6243f4664747e815372070142d6c5853176da (diff)
fix-up commit for grafting svn history onto git history
Diffstat (limited to 'debian/patches-applied/pam_env_ignore_garbage.patch')
-rw-r--r--debian/patches-applied/pam_env_ignore_garbage.patch46
1 files changed, 46 insertions, 0 deletions
diff --git a/debian/patches-applied/pam_env_ignore_garbage.patch b/debian/patches-applied/pam_env_ignore_garbage.patch
new file mode 100644
index 00000000..b224a02b
--- /dev/null
+++ b/debian/patches-applied/pam_env_ignore_garbage.patch
@@ -0,0 +1,46 @@
+Patch for Debian bug #439984
+
+pam_env was not correctly skipping over non-alphanumeric variable names,
+and was not handling the PAM_BAD_ITEM error return from pam_putenv()
+when clearing an unset variable.
+
+Authors: Steve Langasek <vorlon@debian.org>
+
+Upstream status: submitted in <20070830222058.GA9984@dario.dodds.net>
+
+Index: pam/Linux-PAM/modules/pam_env/pam_env.c
+===================================================================
+--- pam.orig/Linux-PAM/modules/pam_env/pam_env.c
++++ pam/Linux-PAM/modules/pam_env/pam_env.c
+@@ -232,9 +232,14 @@
+
+ for ( i = 0 ; key[i] != '=' && key[i] != '\0' ; i++ )
+ if (!isalnum(key[i]) && key[i] != '_') {
+- D(("key is not alpha numeric - '%s', ignoring", key));
+- continue;
++ pam_syslog(pamh, LOG_ERR,
++ "non-alphanumeric key '%s' in %s', ignoring",
++ key, file);
++ break;
+ }
++ /* non-alphanumeric key, ignore this line */
++ if (key[i] != '=' && key[i] != '\0')
++ continue;
+
+ /* now we try to be smart about quotes around the value,
+ but not too smart, we can't get all fancy with escaped
+@@ -248,6 +253,14 @@
+ key[i] = '\0';
+ }
+
++ /* if this is a request to delete a variable, check that it's
++ actually set first, so we don't get a vague error back from
++ pam_putenv() */
++ for (i = 0; key[i] != '=' && key[i] != '\0'; i++);
++
++ if (key[i] == '\0' && !pam_getenv(pamh,key))
++ continue;
++
+ /* set the env var, if it fails, we break out of the loop */
+ retval = pam_putenv(pamh, key);
+ if (retval != PAM_SUCCESS) {