pam_localuser: reject user names that are too long

Too long user names used to be truncated which could potentially result to false match and, consequently, to incorrect PAM_SUCCESS return value. * modules/pam_localuser/pam_localuser.c (pam_sm_authenticate): Return PAM_SERVICE_ERR if the user name is too long.
author: Dmitry V. Levin <ldv@altlinux.org> 2020-05-01 21:44:59 +0000
committer: Dmitry V. Levin <ldv@altlinux.org> 2020-05-21 16:51:52 +0000
commit: e35c10e9689df315a626ea6a119763993f95440b (patch)
tree: c4480da33dd1766cb72cded2d3f40bc6c18058ec /modules/pam_localuser
parent: bd3cdf24ee83ea4c4551c6aaf6966e720d957577 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c
index 4e05350e..2020eced 100644
--- a/modules/pam_localuser/pam_localuser.c
+++ b/modules/pam_localuser/pam_localuser.c
@@ -106,6 +106,12 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
 		return PAM_SYSTEM_ERR;
 	}
 
+	if (strlen(user) > sizeof(name) - sizeof(":")) {
+		pam_syslog (pamh, LOG_ERR, "user name too long");
+		fclose(fp);
+		return PAM_SERVICE_ERR;
+	}
+
 	if (strchr(user, ':') != NULL) {
 		/*
 		 * "root:x" is not a local user name even if the passwd file
author	Dmitry V. Levin <ldv@altlinux.org>	2020-05-01 21:44:59 +0000
committer	Dmitry V. Levin <ldv@altlinux.org>	2020-05-21 16:51:52 +0000
commit	e35c10e9689df315a626ea6a119763993f95440b (patch)
tree	c4480da33dd1766cb72cded2d3f40bc6c18058ec /modules/pam_localuser
parent	bd3cdf24ee83ea4c4551c6aaf6966e720d957577 (diff)