Relevant BUGIDs: 116076

Purpose of commit: bugfix

Commit summary:
---------------
Added pam_time/pam_group fixes for infinite loop when reading
'\\[^\n]' in their config files and also added support for '/'.
The latter makes both of these modules support modern tty handling.

2 files changed, 4 insertions, 2 deletions

diff --git a/modules/pam_group/group.conf b/modules/pam_group/group.conf
index bdd76adb..e721b990 100644
--- a/modules/pam_group/group.conf
+++ b/modules/pam_group/group.conf
@@ -10,7 +10,7 @@
 # *** NOT inherently secure. If a user can create an executable that
 # *** is setgid a group that they are infrequently given membership
 # *** of, they can basically obtain group membership any time they
-# *** like. Example: games are alowed between the hours of 6pm and 6am
+# *** like. Example: games are allowed between the hours of 6pm and 6am
 # *** user joe logs in at 7pm writes a small C-program toplay.c that
 # *** invokes their favorite shell, compiles it and does
 # *** "chgrp games toplay; chmod g+s toplay". They are basically able
diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c
index 2b820df2..af3c7ef3 100644
--- a/modules/pam_group/pam_group.c
+++ b/modules/pam_group/pam_group.c
@@ -165,6 +165,8 @@ static int read_field(int fd, char **buf, int *from, int *to)
 		if ((*buf)[i+1] == '\n') {
 		    shift_bytes(i + *buf, 2, *to - (i+2));
 		    *to -= 2;
+		} else {
+		    ++i;   /* we don't escape non-newline characters */
 		}
 		break;
 	    case '!':
@@ -245,7 +247,7 @@ static int logic_member(const char *string, int *at)
 
 	  default:
 	       if (isalpha(c) || c == '*' || isdigit(c) || c == '_'
-		    || c == '-' || c == '.') {
+		    || c == '-' || c == '.' || c == '/') {
 		    token = 1;
 	       } else if (token) {
 		    --to;