From fd1b9361a937f8b565d0d55179da359122e1fc96 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Wed, 25 Mar 2009 10:54:23 +0000
Subject: Relevant BUGIDs: 2487654

Purpose of commit: bugfix

Commit summary:
---------------

2009-03-25  Thorsten Kukuk  <kukuk@thkukuk.de>

        * modules/pam_mkhomedir/pam_mkhomedir.c: Make option handling
        reentrant (#2487654)
        (_pam_parse): Fix umask option.

        * modules/pam_unix/passverify.c: Fix typo.

        * modules/pam_issue/pam_issue.c: Fix compiler warning.
        * modules/pam_ftp/pam_ftp.c: Likewise.
---
 modules/pam_ftp/pam_ftp.c             |  2 +-
 modules/pam_issue/pam_issue.c         |  2 +-
 modules/pam_mkhomedir/pam_mkhomedir.c | 57 ++++++++++++++++++-----------------
 modules/pam_unix/passverify.c         |  2 +-
 4 files changed, 33 insertions(+), 30 deletions(-)

(limited to 'modules')

diff --git a/modules/pam_ftp/pam_ftp.c b/modules/pam_ftp/pam_ftp.c
index 7c546511..a124795b 100644
--- a/modules/pam_ftp/pam_ftp.c
+++ b/modules/pam_ftp/pam_ftp.c
@@ -172,7 +172,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
 	  /* XXX: Some effort should be made to verify this email address! */
 
 	    if (!(ctrl & PAM_IGNORE_EMAIL)) {
-		char *sptr;
+		char *sptr = NULL;
 		token = strtok_r(resp, "@", &sptr);
 		retval = pam_set_item(pamh, PAM_RUSER, token);
 
diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c
index 7a8a24d5..060baada 100644
--- a/modules/pam_issue/pam_issue.c
+++ b/modules/pam_issue/pam_issue.c
@@ -145,7 +145,7 @@ read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt)
 	return PAM_BUF_ERR;
     }
 
-    if (fread(issue, 1, st.st_size, fp) != st.st_size) {
+    if ((off_t)fread(issue, 1, st.st_size, fp) != st.st_size) {
 	pam_syslog(pamh, LOG_ERR, "read error: %m");
 	_pam_drop(issue);
 	return PAM_SERVICE_ERR;
diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c
index 419b525a..b81708f2 100644
--- a/modules/pam_mkhomedir/pam_mkhomedir.c
+++ b/modules/pam_mkhomedir/pam_mkhomedir.c
@@ -64,50 +64,52 @@
 #define MKHOMEDIR_DEBUG      020	/* be verbose about things */
 #define MKHOMEDIR_QUIET      040	/* keep quiet about things */
 
-static char UMask[16] = "0022";
-static char SkelDir[BUFSIZ] = "/etc/skel"; /* THIS MODULE IS NOT THREAD SAFE */
+struct options_t {
+  int ctrl;
+  const char *umask;
+  const char *skeldir;
+};
+typedef struct options_t options_t;
 
-static int
-_pam_parse (const pam_handle_t *pamh, int flags, int argc, const char **argv)
+static void
+_pam_parse (const pam_handle_t *pamh, int flags, int argc, const char **argv,
+	    options_t *opt)
 {
-   int ctrl = 0;
+   opt->ctrl = 0;
+   opt->umask = "0022";
+   opt->skeldir = "/etc/skel";
 
    /* does the appliction require quiet? */
    if ((flags & PAM_SILENT) == PAM_SILENT)
-      ctrl |= MKHOMEDIR_QUIET;
+      opt->ctrl |= MKHOMEDIR_QUIET;
 
    /* step through arguments */
    for (; argc-- > 0; ++argv)
    {
       if (!strcmp(*argv, "silent")) {
-	 ctrl |= MKHOMEDIR_QUIET;
+	 opt->ctrl |= MKHOMEDIR_QUIET;
       } else if (!strcmp(*argv, "debug")) {
-         ctrl |= MKHOMEDIR_DEBUG;
+         opt->ctrl |= MKHOMEDIR_DEBUG;
       } else if (!strncmp(*argv,"umask=",6)) {
-	 strncpy(SkelDir,*argv+6,sizeof(UMask));
-	 UMask[sizeof(UMask)-1] = '\0';
+	 opt->umask = *argv+6;
       } else if (!strncmp(*argv,"skel=",5)) {
-	 strncpy(SkelDir,*argv+5,sizeof(SkelDir));
-	 SkelDir[sizeof(SkelDir)-1] = '\0';
+	 opt->skeldir = *argv+5;
       } else {
 	 pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
       }
    }
-
-   D(("ctrl = %o", ctrl));
-   return ctrl;
 }
 
 /* Do the actual work of creating a home dir */
 static int
-create_homedir (pam_handle_t *pamh, int ctrl,
+create_homedir (pam_handle_t *pamh, options_t *opt,
 		const struct passwd *pwd)
 {
    int retval, child;
    struct sigaction newsa, oldsa;
 
    /* Mention what is happening, if the notification fails that is OK */
-   if (!(ctrl & MKHOMEDIR_QUIET))
+   if (!(opt->ctrl & MKHOMEDIR_QUIET))
       pam_info(pamh, _("Creating directory '%s'."), pwd->pw_dir);
 
 
@@ -121,8 +123,8 @@ create_homedir (pam_handle_t *pamh, int ctrl,
    memset(&newsa, '\0', sizeof(newsa));
    newsa.sa_handler = SIG_DFL;
    sigaction(SIGCHLD, &newsa, &oldsa);
- 
-   if (ctrl & MKHOMEDIR_DEBUG) {
+
+   if (opt->ctrl & MKHOMEDIR_DEBUG) {
         pam_syslog(pamh, LOG_DEBUG, "Executing mkhomedir_helper.");
    }
 
@@ -145,8 +147,8 @@ create_homedir (pam_handle_t *pamh, int ctrl,
 	/* exec the mkhomedir helper */
 	args[0] = x_strdup(MKHOMEDIR_HELPER);
 	args[1] = pwd->pw_name;
-	args[2] = UMask;
-	args[3] = SkelDir;
+	args[2] = x_strdup(opt->umask);
+	args[3] = x_strdup(opt->skeldir);
 
 	execve(MKHOMEDIR_HELPER, args, envp);
 
@@ -173,11 +175,11 @@ create_homedir (pam_handle_t *pamh, int ctrl,
 
    sigaction(SIGCHLD, &oldsa, NULL);   /* restore old signal handler */
 
-   if (ctrl & MKHOMEDIR_DEBUG) {
+   if (opt->ctrl & MKHOMEDIR_DEBUG) {
         pam_syslog(pamh, LOG_DEBUG, "mkhomedir_helper returned %d", retval);
    }
 
-   if (retval != PAM_SUCCESS && !(ctrl & MKHOMEDIR_QUIET)) {
+   if (retval != PAM_SUCCESS && !(opt->ctrl & MKHOMEDIR_QUIET)) {
 	pam_error(pamh, _("Unable to create and initialize directory '%s'."),
 	    pwd->pw_dir);
    }
@@ -192,13 +194,14 @@ PAM_EXTERN int
 pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
 		     const char **argv)
 {
-   int retval, ctrl;
+   int retval;
+   options_t opt;
    const void *user;
    const struct passwd *pwd;
    struct stat St;
 
    /* Parse the flag values */
-   ctrl = _pam_parse(pamh, flags, argc, argv);
+   _pam_parse(pamh, flags, argc, argv, &opt);
 
    /* Determine the user name so we can get the home directory */
    retval = pam_get_item(pamh, PAM_USER, &user);
@@ -220,14 +223,14 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
    /* Stat the home directory, if something exists then we assume it is
       correct and return a success*/
    if (stat(pwd->pw_dir, &St) == 0) {
-      if (ctrl & MKHOMEDIR_DEBUG) {
+      if (opt.ctrl & MKHOMEDIR_DEBUG) {
           pam_syslog(pamh, LOG_DEBUG, "Home directory %s already exists.",
               pwd->pw_dir);
       }
       return PAM_SUCCESS;
    }
 
-   return create_homedir(pamh, ctrl, pwd);
+   return create_homedir(pamh, &opt, pwd);
 }
 
 /* Ignore */
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 0575f657..8cf95c33 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -1011,7 +1011,7 @@ su_sighandler(int sig)
         /* emulate the behaviour of the SA_RESETHAND flag */
         if ( sig == SIGILL || sig == SIGTRAP || sig == SIGBUS || sig = SIGSERV ) {
 		struct sigaction sa;
-		memset(&sa, '\0, sizeof(sa));
+		memset(&sa, '\0', sizeof(sa));
 		sa.sa_handler = SIG_DFL;
                 sigaction(sig, &sa, NULL);
 	}
-- 
cgit v1.2.3