From debe27335e10d06aa16a5ac2148fe8a74675ca2c Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tmraz@fedoraproject.org>
Date: Wed, 13 Aug 2014 15:01:32 +0200
Subject: pam_tally2: Avoid uninitialized use of fileinfo.

Problem found by Robin Hack <rhack@redhat.com>.
modules/pam_tally2/pam_tally2.c (get_tally): Do not depend on file size
just try to read it.
---
 modules/pam_tally2/pam_tally2.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c
index 09e85855..f5eebb10 100644
--- a/modules/pam_tally2/pam_tally2.c
+++ b/modules/pam_tally2/pam_tally2.c
@@ -451,11 +451,8 @@ skip_open:
 	alarm(oldalarm);
     }
 
-    if (fileinfo.st_size < (off_t)(uid+1)*(off_t)sizeof(*tally)) {
+    if (pam_modutil_read(*tfile, void_tally, sizeof(*tally)) != sizeof(*tally)) {
 	memset(tally, 0, sizeof(*tally));
-    } else if (pam_modutil_read(*tfile, void_tally, sizeof(*tally)) != sizeof(*tally)) {
-	memset(tally, 0, sizeof(*tally));
-	/* Shouldn't happen */
     }
 
     tally->fail_line[sizeof(tally->fail_line)-1] = '\0';
-- 
cgit v1.2.3