From a6f4ab0bebc76acf85cc0244bd21c1036009c28c Mon Sep 17 00:00:00 2001 From: Steve Langasek Date: Wed, 2 Jan 2019 12:24:44 -0800 Subject: fix-up commit for grafting svn history onto git history --- .../patches-applied/pam_env_ignore_garbage.patch | 46 ++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 debian/patches-applied/pam_env_ignore_garbage.patch (limited to 'debian/patches-applied/pam_env_ignore_garbage.patch') diff --git a/debian/patches-applied/pam_env_ignore_garbage.patch b/debian/patches-applied/pam_env_ignore_garbage.patch new file mode 100644 index 00000000..b224a02b --- /dev/null +++ b/debian/patches-applied/pam_env_ignore_garbage.patch @@ -0,0 +1,46 @@ +Patch for Debian bug #439984 + +pam_env was not correctly skipping over non-alphanumeric variable names, +and was not handling the PAM_BAD_ITEM error return from pam_putenv() +when clearing an unset variable. + +Authors: Steve Langasek + +Upstream status: submitted in <20070830222058.GA9984@dario.dodds.net> + +Index: pam/Linux-PAM/modules/pam_env/pam_env.c +=================================================================== +--- pam.orig/Linux-PAM/modules/pam_env/pam_env.c ++++ pam/Linux-PAM/modules/pam_env/pam_env.c +@@ -232,9 +232,14 @@ + + for ( i = 0 ; key[i] != '=' && key[i] != '\0' ; i++ ) + if (!isalnum(key[i]) && key[i] != '_') { +- D(("key is not alpha numeric - '%s', ignoring", key)); +- continue; ++ pam_syslog(pamh, LOG_ERR, ++ "non-alphanumeric key '%s' in %s', ignoring", ++ key, file); ++ break; + } ++ /* non-alphanumeric key, ignore this line */ ++ if (key[i] != '=' && key[i] != '\0') ++ continue; + + /* now we try to be smart about quotes around the value, + but not too smart, we can't get all fancy with escaped +@@ -248,6 +253,14 @@ + key[i] = '\0'; + } + ++ /* if this is a request to delete a variable, check that it's ++ actually set first, so we don't get a vague error back from ++ pam_putenv() */ ++ for (i = 0; key[i] != '=' && key[i] != '\0'; i++); ++ ++ if (key[i] == '\0' && !pam_getenv(pamh,key)) ++ continue; ++ + /* set the env var, if it fails, we break out of the loop */ + retval = pam_putenv(pamh, key); + if (retval != PAM_SUCCESS) { -- cgit v1.2.3