Date: 20 Jan 2002 21:01:26 +0100 From: Dag-Erling Smorgrav <des@ofug.org> To: "Andrey A. Chernov" <ache@nagual.pp.ru> Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step4, pam_opie getpwnam check fix for review Message-ID: <xzp7kqc4wrt.fsf@flood.ping.uio.no> In-Reply-To: <20020120194510.GA24069@nagual.pp.ru> References: <20020120194510.GA24069@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
"Andrey A. Chernov" <ache@nagual.pp.ru> writes: > Bug: > getpwnum() (or getlogin() in earlier stage) may return NULL under > various complex circumstanes, but following code not expect it and may > cause NULL pointer reference and core dump. > > Fix: > Add check for NULL and return PAM_AUTH_ERR Approved (unless Mark objects). Strictly speaking, I think getlogin() should be replaced with the result of pam_get_item(PAM_RUSER), but that's separate issue. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp7kqc4wrt.fsf>