From owner-svn-src-head@freebsd.org Sun Mar 12 19:28:18 2017 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 75658D099F9 for ; Sun, 12 Mar 2017 19:28:18 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from nm21-vm3.bullet.mail.ne1.yahoo.com (nm21-vm3.bullet.mail.ne1.yahoo.com [98.138.91.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48D871BCB for ; Sun, 12 Mar 2017 19:28:18 +0000 (UTC) (envelope-from pfg@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1489346891; bh=hc290taOLmOTCF1Af7JWdWhCY3/TP0F3bS2yaaW2sgY=; h=Subject:To:References:From:Date:In-Reply-To:From:Subject; b=ReUAGnDUEFFn4uAJB98PVGH2fxVpdDN2FkzZhqfA7M96Lc2AypT2UpaSBbJul+mxE3egPAyCLp9UhEQQP7xI1uLDWqcCJDnPusj/GVd0jYcKQE/3g6/azNoekQpWoZ4TYSbfvmAq263FY755PB3cZBjyhcfmNprfFd4Lms7I/6FA/XBKNmtlXhq1HtMyLO/EkmFm2gL7ktNUXCJcoHxNb6z4TX0Zm43IZSUUbmLpLJzKcmIE1XUjVGdfK/OdoABaa75dnJ9yk2bsk+nfxqjeRPHrxVdaqPKnk/n1zupxp223V0cxTV8/464RKW7Z6Sk6d+a7YVt3uCSbQsLenRcBJg== Received: from [98.138.101.129] by nm21.bullet.mail.ne1.yahoo.com with NNFMP; 12 Mar 2017 19:28:11 -0000 Received: from [98.138.104.113] by tm17.bullet.mail.ne1.yahoo.com with NNFMP; 12 Mar 2017 19:28:11 -0000 Received: from [127.0.0.1] by smtp222.mail.ne1.yahoo.com with NNFMP; 12 Mar 2017 19:28:11 -0000 X-Yahoo-Newman-Id: 421483.71081.bm@smtp222.mail.ne1.yahoo.com X-Yahoo-Newman-Property: ymail-3 X-YMail-OSG: ctAxCbEVM1muwk9UTHASqPbElz6Gs0yZ0UjMncKbO.3sAQ8 MOSA.SvHTHw5dojuUWNlvbB34dUJ27PuWRPG1vjWk6Dcyh8iEDYRIXO0N2Li 8lTXSHDUC1sD2vbqXm6eBJ1sF6ZjX0Yo11qeL.OfOZkwANoppkMeR1igaFEC 9jUsjQeiiTuxQN0qKlGAbwwFzxo.UDjBLVkIXSvPK1FUahiOnZeue73YMcMo .ucIMjvdUZtyUdq_jP26bzyL1u.MzICJfdiLK1RAutNZDeyXrX7TKTLdZevP txEB6Zw2oydfe8kK_uT1al_cpbQUQjn8H5zlNDDkkovi6kNU3C1IJJsvIXuc E4l76VHjfza3.8MfkTg5zzqiUp7zBvI.nxXcC_Zf56BbFJelUQqhMvHTW7ll 0uNVVxpx.GHv9iPD_Wf5bnYcjItC34bjxzl0e_MPO9cf1NcrOJy.3knMhtYG tsA_q_0fpxD4KWH8mPe5q3JfC.8MXj6nWs3uRIdoelLBVifvA2jwSX0wIX9j 6y0dwvtImiy.lUI3PgYJYMVqvFZl.V1wj0ZKbznzxHR0f_eY- X-Yahoo-SMTP: xcjD0guswBAZaPPIbxpWwLcp9Unf Subject: Re: svn commit: r314780 - head/lib/libpam/modules/pam_exec To: Ian Lepore , Lawrence Stewart , src-committers@freebsd.org, =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= , svn-src-head@freebsd.org References: <201703061545.v26FjkNI027057@repo.freebsd.org> <739617a4-3eed-28d1-73e4-86d25d6d5fed@freebsd.org> <1839903b-fb05-bf3f-17bb-697afca9ecb7@FreeBSD.org> <1489341856.40576.88.camel@freebsd.org> From: Pedro Giffuni Message-ID: <374fa6f7-9e02-7c50-ccde-7f2c5386123e@FreeBSD.org> Date: Sun, 12 Mar 2017 14:31:17 -0500 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <1489341856.40576.88.camel@freebsd.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 12 Mar 2017 19:28:18 -0000 On 3/12/2017 1:04 PM, Ian Lepore wrote: > On Sun, 2017-03-12 at 12:30 -0500, Pedro Giffuni wrote: >> On 3/12/2017 12:14 PM, Lawrence Stewart wrote: >>> Hi Pedro, >>> >>> On 07/03/2017 02:45, Pedro F. Giffuni wrote: >>>> Author: pfg >>>> Date: Mon Mar 6 15:45:46 2017 >>>> New Revision: 314780 >>>> URL: https://svnweb.freebsd.org/changeset/base/314780 >>>> >>>> Log: >>>> libpam: extra bounds checking through reallocarray(3). >>>> >>>> Reviewed by: des >>>> MFC after: 1 week >>>> >>>> Modified: >>>> head/lib/libpam/modules/pam_exec/pam_exec.c >>>> >>>> Modified: head/lib/libpam/modules/pam_exec/pam_exec.c >>>> ================================================================= >>>> ============= >>>> --- head/lib/libpam/modules/pam_exec/pam_exec.c Mon Mar 6 >>>> 15:42:03 2017 (r314779) >>>> +++ head/lib/libpam/modules/pam_exec/pam_exec.c Mon Mar 6 >>>> 15:45:46 2017 (r314780) >>>> @@ -138,7 +138,7 @@ _pam_exec(pam_handle_t *pamh __unused, >>>> nitems = sizeof(env_items) / sizeof(*env_items); >>>> /* Count PAM return values put in the environment. */ >>>> nitems_rv = options->return_prog_exit_status ? >>>> PAM_RV_COUNT : 0; >>>> - tmp = realloc(envlist, (envlen + nitems + 1 + nitems_rv >>>> + 1) * >>>> + tmp = reallocarray(envlist, envlen + nitems + 1 + >>>> nitems_rv + 1, >>>> sizeof(*envlist)); >>>> if (tmp == NULL) { >>>> openpam_free_envlist(envlist); >>>> >>> This commit breaks pam_exec for me... without this change I see the >>> expected PAM_* environment variables from my execed script, but >>> with >>> this change I no longer see any of them. >> Thanks for the report. >> >> It seems strange this can cause any failure. Perhaps there is a >> latent >> overflow here and we have been living with it? I will revert while it >> is >> investigated. >> >> BTW, the "nitems" variable may conflict with nitems() in sys/param.h. >> > A quirk of C that's often forgotten is that a function-like macro is > only expanded as a macro if the token following the macro name is an > open paren. So nitems() is a macro invokation and nitems = 0; is just > a variable. > > I'm not arguing against the replacement of variables named nitems, I > actually think that should have been done as part of importing the > function-like definition of nitems from netbsd. I am not worried about 'nitems', which is actually FreeBSD-native (NetBSD has another name for it). I do think reallocarray() found an underlying issue here though. Pedro.