Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 17 Jan 2017 10:29:48 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 216172] incorrect use of  pam_get_item return value in libpam
Message-ID:  <bug-216172-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D216172

            Bug ID: 216172
           Summary: incorrect use of  pam_get_item return value in libpam
           Product: Base System
           Version: 11.0-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: patrick-fbsd@mindstep.com

In pam_get_authtok the code tests if pam_get_item succeeds with a simple
if(pam_get_item(...)) call. However on success pam_get_item returns
'PAM_SUCCESS' which value is 0.

In libpam the effect of this bug is that custom prompts provided by
applications using pam_set_item() are never used. This is more a cosmetic b=
ug
than anything else.


Below are 2 diffs that fixes the issue in libpam:

-chroot- diff -up pam_get_authtok.c.orig pam_get_authtok.c
--- pam_get_authtok.c.orig      2017-01-11 18:15:11.538423000 +0000
+++ pam_get_authtok.c   2017-01-13 11:50:27.688031000 +0000
@@ -123,7 +123,7 @@ pam_get_authtok(pam_handle_t *pamh,
                prompt =3D promptp;
        /* no prompt provided, see if there is one tucked away somewhere */
        if (prompt =3D=3D NULL)
-               if (pam_get_item(pamh, pitem, &promptp) && promptp !=3D NUL=
L)
+               if (pam_get_item(pamh, pitem, &promptp) =3D=3D PAM_SUCCESS =
&&
promptp !=3D NULL)
                        prompt =3D promptp;
        /* fall back to hardcoded default */
        if (prompt =3D=3D NULL)





-chroot- diff -up pam_get_user.c.orig pam_get_user.c
--- pam_get_user.c.orig 2017-01-13 11:55:19.971565000 +0000
+++ pam_get_user.c      2017-01-13 11:55:33.291977000 +0000
@@ -79,7 +79,7 @@ pam_get_user(pam_handle_t *pamh,
                prompt =3D promptp;
        /* no prompt provided, see if there is one tucked away somewhere */
        if (prompt =3D=3D NULL)
-               if (pam_get_item(pamh, PAM_USER_PROMPT, &promptp) &&
+               if (pam_get_item(pamh, PAM_USER_PROMPT, &promptp) =3D=3D
PAM_SUCCESS &&
                    promptp !=3D NULL)
                        prompt =3D promptp;
        /* fall back to hardcoded default */

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-216172-8>