From 9251be9693b1c8c56ed067438858e740cba57570 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk
Date: Mon, 22 May 2006 17:27:54 +0000
Subject: Relevant BUGIDs: 1490956,1489818,1489808,1489792,1489804,1489658,1489634 Purpose of commit: bugfixes Commit summary: --------------- 2006-05-22 Thorsten Kukuk * modules/pam_listfile/pam_listfile.c (pam_sm_authenticate): Fix memory leaks, [#1490956] found by Coverity. * modules/pam_tally/pam_tally.c (pam_get_uid): Check return value of pam_get_user(). (tally_get_data): Check if oldtime is not NULL. [#1489818] found by Coverity. * modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Don't ignore return value of stat(). [#1489808] found by Coverity. * modules/pam_mail/pam_mail.c (get_folder): Fix a potential NULL pointer dereference. [#1489792] found by Coverity. * libpam/Makefile.am: bump release number of libpam.so. * libpam/pam_misc.c (_pam_mkargv): Fix memory leak, [#1489804] found by Coverity. * modules/pam_echo/pam_echo.c (replace_and_print): Initialize str, [#1489658] found by Coverity. * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix a potential NULL pointer dereference. (pam_sm_chauthtok): Remove dead code. [#1489634] found by Coverity.
---
modules/pam_cracklib/pam_cracklib.c | 10 ++--------
modules/pam_echo/pam_echo.c | 2 +-
modules/pam_listfile/pam_listfile.c | 10 ++++++++--
modules/pam_mail/pam_mail.c | 10 ++++++++--
modules/pam_mkhomedir/pam_mkhomedir.c | 15 ++++++++++++++-
modules/pam_tally/pam_tally.c | 8 ++++++--
6 files changed, 39 insertions(+), 16 deletions(-) (limited to 'modules')
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index 091a56f5..2f146fb4 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -473,10 +473,9 @@ static int _pam_unix_approve_pass(pam_handle_t *pamh, if (!msg) { retval = pam_get_item(pamh, PAM_USER, &user); if (retval != PAM_SUCCESS || user == NULL) { - if (ctrl & PAM_DEBUG_ARG) { + if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh,LOG_ERR,"Can not get username"); - return PAM_AUTHTOK_ERR; - } + return PAM_AUTHTOK_ERR; } msg = check_old_password(user, pass_new); }
@@ -663,11 +662,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, */ _pam_drop(resp); } else { - retval = (retval == PAM_SUCCESS) ? - PAM_AUTHTOK_RECOVERY_ERR:retval ; - } - - if (retval != PAM_SUCCESS) { if (ctrl && PAM_DEBUG_ARG) pam_syslog(pamh, LOG_DEBUG, "unable to obtain the password a second time");
diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c
index e138c3df..61826437 100644
--- a/modules/pam_echo/pam_echo.c
+++ b/modules/pam_echo/pam_echo.c
@@ -67,7 +67,7 @@ replace_and_print (pam_handle_t *pamh, const char *mesg) char *output; size_t length = strlen (mesg) + PAM_MAX_MSG_SIZE; char myhostname[HOST_NAME_MAX+1]; - const void *str; + const void *str = NULL; const char *p, *q; int item; size_t len;
diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c
index 69384be6..1545fe03 100644
--- a/modules/pam_listfile/pam_listfile.c
+++ b/modules/pam_listfile/pam_listfile.c
@@ -108,16 +108,21 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, onerr = PAM_SUCCESS; else if(!strcmp(myval,"fail")) onerr = PAM_SERVICE_ERR; - else + else { + if (ifname) free (ifname); return PAM_SERVICE_ERR; + } else if(!strcmp(mybuf,"sense")) if(!strcmp(myval,"allow")) sense=0; else if(!strcmp(myval,"deny")) sense=1; - else + else { + if (ifname) free (ifname); return onerr; + } else if(!strcmp(mybuf,"file")) { + if (ifname) free (ifname); ifname = (char *)malloc(strlen(myval)+1); if (!ifname) return PAM_BUF_ERR;
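Review bot: In `_pam_unix_approve_pass` (pam_cracklib.c, first hunk) the fix drops the braces around the debug `pam_syslog` call, leaving a brace-less `if` directly above the now-unconditional `return PAM_AUTHTOK_ERR;`. The original defect was a statement sitting inside the wrong block, so keeping the braces makes the scope explicit: `if (ctrl & PAM_DEBUG_ARG) { pam_syslog(pamh,LOG_ERR,"Can not get username"); }`. The message is also still emitted only in debug mode although the function now fails in every mode, so logging it unconditionally would make the failure visible. The function body starts and ends outside the hunk.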
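Review bot: In `pam_sm_chauthtok` (pam_cracklib.c, second hunk) the retained test `if (ctrl && PAM_DEBUG_ARG)` uses logical AND, so the debug message is logged whenever any bit of `ctrl` is set; it should be `if (ctrl & PAM_DEBUG_ARG)`, as in the first hunk of this file. Separately, the removed `if (retval != PAM_SUCCESS)` was an independent check placed after the if/else, and its body now runs only in the `else` branch. If the preceding branch, which lies outside this hunk, can set `retval` to an error, that case no longer reaches this handling and should be confirmed before the code is treated as dead.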
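Review bot: In `replace_and_print` (pam_echo.c) `str` now starts as NULL, which removes the uninitialised read but means any path that never assigns it reaches the later use with a NULL pointer. The uses of `str` are outside this hunk, so confirm that they test for NULL before taking its length or copying from it, for example by substituting an empty string.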
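Review bot: In `pam_sm_authenticate` (pam_listfile.c) the three added cleanups are written `if (ifname) free (ifname);`, while the later hunk of this file (`@@ -176,6 +181,7 @@`) adds a plain `free (ifname);`. Since `free(NULL)` is a no-op, the guard can go and both hunks can use the same form. The release is now repeated before each early `return`, and any other return path outside these hunks needs the same line, which is easy to miss; a single cleanup label that frees `ifname` would be more robust. The function starts and ends outside the hunk.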
@@ -176,6 +181,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, ) { pam_syslog(pamh,LOG_ERR, "Invalid usage for apply= parameter"); + free (ifname); return onerr; }
diff --git a/modules/pam_mail/pam_mail.c b/modules/pam_mail/pam_mail.c
index 5eb3488b..7d43d5e0 100644
--- a/modules/pam_mail/pam_mail.c
+++ b/modules/pam_mail/pam_mail.c
@@ -1,8 +1,6 @@ /* pam_mail module */ /* - * $Id$ - * * Written by Andrew Morgan 1996/3/11 * $HOME additions by David Kinchlea 1997/1/7 * mailhash additions by Chris Adams 1998/7/11
@@ -174,6 +172,14 @@ get_folder(pam_handle_t *pamh, int ctrl, retval = PAM_BUF_ERR; if (ctrl & PAM_HOME_MAIL) { + if (pwd == NULL) { + pwd = pam_modutil_getpwnam(pamh, user); + if (pwd == NULL) { + pam_syslog(pamh, LOG_ERR, "user unknown"); + retval = PAM_USER_UNKNOWN; + goto get_folder_cleanup; + } + } if (asprintf(&folder, MAIL_FILE_FORMAT, pwd->pw_dir, "", path) < 0) goto get_folder_cleanup; } else {
diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c
index 799d19fc..216f252a 100644
--- a/modules/pam_mkhomedir/pam_mkhomedir.c
+++ b/modules/pam_mkhomedir/pam_mkhomedir.c
@@ -341,7 +341,20 @@ create_homedir (pam_handle_t * pamh, int ctrl, return PAM_PERM_DENIED; } - stat(newsource,&St); + if (stat(newsource,&St) != 0) + { + pam_syslog(pamh, LOG_DEBUG, "unable to stat src file %s: %m", + newsource); + close(SrcFd); + closedir(D); + +#ifndef PATH_MAX + free(newsource); newsource = NULL; + free(newdest); newdest = NULL; +#endif + + return PAM_PERM_DENIED; + } /* Open the dest file */ if ((DestFd = open(newdest,O_WRONLY | O_TRUNC | O_CREAT,0600)) < 0)
diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c
index f3642c34..12cb5bfa 100644
--- a/modules/pam_tally/pam_tally.c
+++ b/modules/pam_tally/pam_tally.c
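Review bot: In `get_folder` (pam_mail.c) the new unknown-user path jumps to `get_folder_cleanup` before `folder` has been assigned, so the cleanup code sees whatever value `folder` had at its declaration. Both the declaration and the label are outside this hunk, so confirm that `folder` starts as NULL. The same label is reached when `asprintf` fails, and the asprintf documentation leaves the contents of the target pointer undefined in that case. If the cleanup code frees or returns `folder`, adding `folder = NULL;` before that `goto` would be safer.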
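Review bot: In `create_homedir` (pam_mkhomedir.c) the new check calls `stat(newsource,&St)` on the path, although the `close(SrcFd)` in its error branch indicates the source file is already open at this point. Querying the descriptor instead, `if (fstat(SrcFd, &St) != 0)`, guarantees the metadata belongs to the file that is actually copied and removes the window in which the path could be replaced between the open and the stat. The failure is logged at `LOG_DEBUG` while the function returns `PAM_PERM_DENIED`; a higher level would make the denial visible in default logs. The function starts and ends outside the hunk.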
@@ -231,7 +231,10 @@ pam_get_uid(pam_handle_t *pamh, uid_t *uid, const char **userp, struct tally_opt #ifdef MAIN user = cline_user; #else - pam_get_user( pamh, &user, NULL ); + if ((pam_get_user( pamh, &user, NULL )) != PAM_SUCCESS) { + pam_syslog(pamh, LOG_ERR, "pam_get_user; user?"); + return PAM_AUTH_ERR; + } #endif if ( !user || !*user ) {
@@ -288,7 +291,8 @@ tally_get_data( pam_handle_t *pamh, time_t *oldtime ) } else { rv = -1; - *oldtime = 0; + if (oldtime) + *oldtime = 0; } return rv; }
-- cgit v1.2.3
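Review bot: In `pam_get_uid` (pam_tally.c) the new failure branch logs `"pam_get_user; user?"`, which does not say why the call failed, and the actual return code is discarded in favour of `PAM_AUTH_ERR`. Keeping the code in a local `rc` and logging it, e.g. `pam_syslog(pamh, LOG_ERR, "pam_get_user failed: %s", pam_strerror(pamh, rc));`, gives an administrator something to act on. The function continues outside the hunk.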
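Review bot: `tally_get_data` (pam_tally.c) now tolerates a NULL `oldtime` in the failure branch, but nothing visible states that NULL is an accepted argument. If the success branch above this hunk also stores through `oldtime`, it needs the same guard; that code is not shown here. A comment above the function such as `/* oldtime may be NULL; it is only written when the caller supplies it */` would record the contract, with the wording checked against the callers.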