summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--modules/pam_limits/pam_limits.c18
-rw-r--r--modules/pam_loginuid/pam_loginuid.c3
3 files changed, 22 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 4a75dd88..5c9374a3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
2007-06-22 Thorsten Kukuk <kukuk@thkukuk.de>
+ * modules/pam_loginuid/pam_loginuid.c (set_loginuid): Print
+ better error message if /proc/self/loginuid cannot be opened.
+
+ * modules/pam_limits/pam_limits.c (process_limit): Check for
+ variable overflow after multiplication [bnc#283001].
+
* modules/pam_access/pam_access.c: Add new syntax for groups
in access.conf to differentiate group names from account names.
Based on patch from Julien Lecomte <julien@famille-lecomte.net>,
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
index f9a91164..bf6f09df 100644
--- a/modules/pam_limits/pam_limits.c
+++ b/modules/pam_limits/pam_limits.c
@@ -374,8 +374,13 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type,
switch(limit_item) {
case RLIMIT_CPU:
- if (rlimit_value != RLIM_INFINITY)
- rlimit_value *= 60;
+ if (rlimit_value != RLIM_INFINITY)
+ {
+ if (rlimit_value >= RLIM_INFINITY/60)
+ rlimit_value = RLIM_INFINITY;
+ else
+ rlimit_value *= 60;
+ }
break;
case RLIMIT_FSIZE:
case RLIMIT_DATA:
@@ -385,7 +390,12 @@ process_limit (const pam_handle_t *pamh, int source, const char *lim_type,
case RLIMIT_MEMLOCK:
case RLIMIT_AS:
if (rlimit_value != RLIM_INFINITY)
- rlimit_value *= 1024;
+ {
+ if (rlimit_value >= RLIM_INFINITY/1024)
+ rlimit_value = RLIM_INFINITY;
+ else
+ rlimit_value *= 1024;
+ }
break;
#ifdef RLIMIT_NICE
case RLIMIT_NICE:
@@ -674,7 +684,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
out:
globfree(&globbuf);
- if (retval != PAM_SUCCESS)
+ if (retval != PAM_SUCCESS)
{
pam_syslog(pamh, LOG_WARNING, "error parsing the configuration file: '%s' ",CONF_FILE);
return retval;
diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c
index 3e9b4779..13509e7e 100644
--- a/modules/pam_loginuid/pam_loginuid.c
+++ b/modules/pam_loginuid/pam_loginuid.c
@@ -58,7 +58,8 @@ static int set_loginuid(pam_handle_t *pamh, uid_t uid)
if (fd < 0) {
if (errno != ENOENT) {
rc = 1;
- pam_syslog(pamh, LOG_ERR, "set_loginuid failed opening loginuid");
+ pam_syslog(pamh, LOG_ERR,
+ "Cannot open /proc/self/loginuid: %m");
}
return rc;
}