From fc78bb8523d8d6a2c90ded155b555e956156c2b1 Mon Sep 17 00:00:00 2001 From: "Andrew G. Morgan" Date: Mon, 26 Nov 2001 06:05:24 +0000 Subject: Relevant BUGIDs: 476947 Purpose of commit: cleanup Commit summary: --------------- be more confident that strings are being initialized correctly from Nalin. --- modules/pam_wheel/pam_wheel.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'modules/pam_wheel') diff --git a/modules/pam_wheel/pam_wheel.c b/modules/pam_wheel/pam_wheel.c index add72bc4..d629819f 100644 --- a/modules/pam_wheel/pam_wheel.c +++ b/modules/pam_wheel/pam_wheel.c @@ -75,10 +75,13 @@ static int is_on_list(char * const *list, const char *member) #define PAM_TRUST_ARG 0x0004 #define PAM_DENY_ARG 0x0010 -static int _pam_parse(int argc, const char **argv, char *use_group) +static int _pam_parse(int argc, const char **argv, char *use_group, + size_t group_length) { int ctrl=0; + memset(use_group, '\0', group_length); + /* step through arguments */ for (ctrl=0; argc-- > 0; ++argv) { @@ -93,7 +96,7 @@ static int _pam_parse(int argc, const char **argv, char *use_group) else if (!strcmp(*argv,"deny")) ctrl |= PAM_DENY_ARG; else if (!strncmp(*argv,"group=",6)) - strcpy(use_group,*argv+6); + strncpy(use_group,*argv+6,group_length-1); else { _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv); } @@ -120,8 +123,8 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc /* Init the optional group */ bzero(use_group,BUFSIZ); - ctrl = _pam_parse(argc, argv, use_group); - retval = pam_get_user(pamh,&username,NULL); + ctrl = _pam_parse(argc, argv, use_group, sizeof(use_group)); + retval = pam_get_user(pamh, &username, NULL); if ((retval != PAM_SUCCESS) || (!username)) { if (ctrl & PAM_DEBUG_ARG) _pam_log(LOG_DEBUG,"can not get the username"); -- cgit v1.2.3