summaryrefslogtreecommitdiff
path: root/modules/pam_env
diff options
context:
space:
mode:
authorKees Cook <kees@debian.org>2011-10-14 19:32:25 +0000
committerDmitry V. Levin <ldv@altlinux.org>2011-10-14 19:32:25 +0000
commitcaf5e7f61c8d9288daa49b4f61962e6b1239121d (patch)
tree4eb2a6ea8e8de07a13ccabec4be6691a5da1245e /modules/pam_env
parentc5cbe7a04f82ac89372dd2765979aac66188dca1 (diff)
pam_env: correctly count leading whitespace when parsing environment file
* modules/pam_env/pam_env.c (_assemble_line): Correctly count leading whitespace. Fixes CVE-2011-3148. Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469
Diffstat (limited to 'modules/pam_env')
-rw-r--r--modules/pam_env/pam_env.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c
index 1ec01ca5..b7cd387f 100644
--- a/modules/pam_env/pam_env.c
+++ b/modules/pam_env/pam_env.c
@@ -290,6 +290,7 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len)
char *p = buffer;
char *s, *os;
int used = 0;
+ int whitespace;
/* loop broken with a 'break' when a non-'\\n' ended line is read */
@@ -312,8 +313,10 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len)
/* skip leading spaces --- line may be blank */
- s = p + strspn(p, " \n\t");
+ whitespace = strspn(p, " \n\t");
+ s = p + whitespace;
if (*s && (*s != '#')) {
+ used += whitespace;
os = s;
/*
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 10:12:55 +0000