diff options
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | modules/pam_group/pam_group.c | 2 | ||||
| -rw-r--r-- | modules/pam_issue/pam_issue.c | 7 | ||||
| -rw-r--r-- | modules/pam_listfile/pam_listfile.c | 23 | ||||
| -rw-r--r-- | modules/pam_mail/pam_mail.c | 2 | ||||
| -rw-r--r-- | modules/pam_motd/pam_motd.c | 13 | ||||
| -rw-r--r-- | modules/pam_stress/pam_stress.c | 8 | ||||
| -rw-r--r-- | modules/pam_succeed_if/pam_succeed_if.c | 1 |
8 files changed, 44 insertions, 13 deletions
@@ -68,6 +68,7 @@ BerliOS Bugs are marked with (BerliOS #XXXX). * misc_conv: flush input first then print the prompt - fixes problem with expect scripts (t8m) * pam_unix: nis option shouldn't clear the shadow option (t8m) +* cleanups and minor bugfixes by Steve Grubb (t8m) 0.79: Thu Mar 31 16:48:45 CEST 2005 * pam_tally: added audit option (toady) diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index e07a932e..71120921 100644 --- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -6,7 +6,7 @@ * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/7/6 */ -const static char rcsid[] = +static const char rcsid[] = "$Id$;\n" "Version 0.5 for Linux-PAM\n" "Copyright (c) Andrew G. Morgan 1996 <morgan@linux.kernel.org>\n"; diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c index 5665966e..ba2d2006 100644 --- a/modules/pam_issue/pam_issue.c +++ b/modules/pam_issue/pam_issue.c @@ -269,10 +269,11 @@ static char *do_prompt(FILE *fd) if (ut->ut_type == USER_PROCESS) users++; endutent(); - printf ("%d ", users); if (c == 'U') - snprintf (buf, 1024, "%s", (users == 1) ? - " user" : " users"); + snprintf (buf, 1024, "%d %s", users, + (users == 1) ? "user" : "users"); + else + snprintf (buf, 1024, "%d", users); break; } default: diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c index 0ce3e0b1..a473fab1 100644 --- a/modules/pam_listfile/pam_listfile.c +++ b/modules/pam_listfile/pam_listfile.c @@ -131,6 +131,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar return onerr; else if(!strcmp(mybuf,"file")) { ifname = (char *)malloc(strlen(myval)+1); + if (!ifname) + return PAM_BUF_ERR; strcpy(ifname,myval); } else if(!strcmp(mybuf,"item")) if(!strcmp(myval,"user")) @@ -161,6 +163,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar strncpy(apply_val,myval,sizeof(apply_val)-1); } } else { + free(ifname); _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "Unknown option: %s",mybuf); return onerr; } @@ -169,6 +172,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar if(!citem) { _pam_log(LOG_ERR, LOCAL_LOG_PREFIX "Unknown item or item not specified"); + free(ifname); return onerr; } else if(!ifname) { _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "List filename not specified"); @@ -176,6 +180,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar } else if(sense == 2) { _pam_log(LOG_ERR, LOCAL_LOG_PREFIX "Unknown sense or sense not specified"); + free(ifname); return onerr; } else if( (apply_type==APPLY_TYPE_NONE) || @@ -206,7 +211,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar int rval; rval=pam_get_user(pamh,&user_name,NULL); - if((rval==PAM_SUCCESS) && user_name[0]) { + if((rval==PAM_SUCCESS) && user_name && user_name[0]) { /* Got it ? Valid ? */ if(apply_type==APPLY_TYPE_USER) { if(strcmp(user_name, apply_val)) { @@ -216,6 +221,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar LOCAL_LOG_PREFIX "don't apply: apply=%s, user=%s", apply_val,user_name); #endif /* DEBUG */ + free(ifname); return PAM_IGNORE; } } else if(apply_type==APPLY_TYPE_GROUP) { @@ -227,6 +233,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar "don't apply: %s not a member of group %s", user_name,apply_val); #endif /* DEBUG */ + free(ifname); return PAM_IGNORE; } } @@ -238,9 +245,11 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar return onerr; } if((citem == PAM_USER) && !citemp) { - pam_get_user(pamh,&citemp,NULL); - if (retval != PAM_SUCCESS) + retval = pam_get_user(pamh,&citemp,NULL); + if (retval != PAM_SUCCESS || !citemp) { + free(ifname); return PAM_SERVICE_ERR; + } } if((citem == PAM_TTY) && citemp) { /* Normalize the TTY name. */ @@ -250,6 +259,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar } if(!citemp || (strlen(citemp) == 0)) { + free(ifname); /* The item was NULL - we are sure not to match */ return sense?PAM_SUCCESS:PAM_AUTH_ERR; } @@ -261,12 +271,14 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar if (userinfo == NULL) { _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "getpwnam(%s) failed", citemp); + free(ifname); return onerr; } grpinfo = _pammodutil_getgrgid(pamh, userinfo->pw_gid); if (grpinfo == NULL) { _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "getgrgid(%d) failed", (int)userinfo->pw_gid); + free(ifname); return onerr; } itemlist[0] = x_strdup(grpinfo->gr_name); @@ -288,6 +300,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar if (userinfo == NULL) { _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "getpwnam(%s) failed", citemp); + free(ifname); return onerr; } citemp = userinfo->pw_shell; @@ -297,6 +310,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar LOCAL_LOG_PREFIX "Internal weirdness, unknown extended item %d", extitem); + free(ifname); return onerr; } } @@ -308,6 +322,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar #endif if(lstat(ifname,&fileinfo)) { _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "Couldn't open %s",ifname); + free(ifname); return onerr; } @@ -318,6 +333,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "%s is either world writable or not a normal file", ifname); + free(ifname); return PAM_AUTH_ERR; } @@ -327,6 +343,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar /* Only report if it's an error... */ _pam_log(LOG_ERR,LOCAL_LOG_PREFIX "Error opening %s", ifname); } + free(ifname); return onerr; } /* There should be no more errors from here on */ diff --git a/modules/pam_mail/pam_mail.c b/modules/pam_mail/pam_mail.c index 2c4b641a..77dae21d 100644 --- a/modules/pam_mail/pam_mail.c +++ b/modules/pam_mail/pam_mail.c @@ -211,6 +211,8 @@ static int get_folder(pam_handle_t *pamh, int ctrl, } /* put folder together */ + + hashcount = hashcount < strlen(user) ? hashcount : strlen(user); if (ctrl & PAM_HOME_MAIL) { folder = malloc(sizeof(MAIL_FILE_FORMAT) diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c index b1d9c9d9..3ff7a30e 100644 --- a/modules/pam_motd/pam_motd.c +++ b/modules/pam_motd/pam_motd.c @@ -44,6 +44,8 @@ int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, return PAM_IGNORE; } +static char default_motd[] = DEFAULT_MOTD; + PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) @@ -51,7 +53,7 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, int retval = PAM_IGNORE; int fd; char *mtmp=NULL; - const char *motd_path=NULL; + char *motd_path=NULL; struct pam_conv *conversation; struct pam_message message; struct pam_message *pmessage = &message; @@ -67,7 +69,7 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, motd_path = (char *) strdup(5+*argv); if (motd_path != NULL) { - D(("set motd path: %s (and a memory leak)", motd_path)); + D(("set motd path: %s", motd_path)); } else { D(("failed to duplicate motd path - ignored")); } @@ -75,11 +77,13 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, } if (motd_path == NULL) - motd_path = DEFAULT_MOTD; + motd_path = default_motd; message.msg_style = PAM_TEXT_INFO; if ((fd = open(motd_path, O_RDONLY, 0)) >= 0) { + if (motd_path != default_motd) + free(motd_path); /* fill in message buffer with contents of motd */ if ((fstat(fd, &st) < 0) || !st.st_size) { close(fd); @@ -108,6 +112,9 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, } } free(mtmp); + } else { + if (motd_path != default_motd) + free(motd_path); } return retval; diff --git a/modules/pam_stress/pam_stress.c b/modules/pam_stress/pam_stress.c index d45ad300..205c432d 100644 --- a/modules/pam_stress/pam_stress.c +++ b/modules/pam_stress/pam_stress.c @@ -197,9 +197,11 @@ static int stress_get_password(pam_handle_t *pamh, int flags pass = resp[0].resp; /* remember this! */ resp[0].resp = NULL; - } else if (ctrl & PAM_ST_DEBUG) { - _pam_log(LOG_DEBUG,"pam_sm_authenticate: no error reported"); - _pam_log(LOG_DEBUG,"getting password, but NULL returned!?"); + } else { + if (ctrl & PAM_ST_DEBUG) { + _pam_log(LOG_DEBUG,"pam_sm_authenticate: no error reported"); + _pam_log(LOG_DEBUG,"getting password, but NULL returned!?"); + } return PAM_CONV_ERR; } if (resp) diff --git a/modules/pam_succeed_if/pam_succeed_if.c b/modules/pam_succeed_if/pam_succeed_if.c index 23974afa..8a665f52 100644 --- a/modules/pam_succeed_if/pam_succeed_if.c +++ b/modules/pam_succeed_if/pam_succeed_if.c @@ -373,6 +373,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) (long)getuid()); return PAM_SERVICE_ERR; } + user = pwd->pw_name; } else { /* Get the user's name. */ ret = pam_get_user(pamh, &user, prompt); |