Pick fixes of defects found by ASAN sanitizer

2025-02-23 08:22:53 +00:00 · 2024-05-28 04:40:39 +03:00 · 2024-05-28 04:40:39 +03:00 · 79e1fb33a4
commit 79e1fb33a4
parent e1b62a3417
6 changed files with 189 additions and 1 deletions
--- a/4e8af9027dab25ebff3fa1b6e5542640611778c9.patch
+++ b/4e8af9027dab25ebff3fa1b6e5542640611778c9.patch
@ -0,0 +1,23 @@
+From 4e8af9027dab25ebff3fa1b6e5542640611778c9 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 5 Aug 2023 17:44:29 +0200
+Subject: [PATCH] pam_start: free handlers on handler init failure
+
+If the pam handlers fail to initialize halfway, clean them up
+afterwards.  Since we set the handle to NULL callers can't clean them.
+---
+ libpam/pam_start.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/libpam/pam_start.c b/libpam/pam_start.c
+index 99dd03898..1fc36b3ed 100644
+--- a/libpam/pam_start.c
+++ b/libpam/pam_start.c
+@@ -143,6 +143,7 @@ static int _pam_start_internal (
+ 
+     if ( _pam_init_handlers(*pamh) != PAM_SUCCESS ) {
+ 	pam_syslog(*pamh, LOG_ERR, "pam_start: failed to initialize handlers");
+	_pam_free_handlers(*pamh);
+ 	_pam_drop_env(*pamh);                 /* purge the environment */
+ 	_pam_drop((*pamh)->pam_conversation);
+ 	_pam_drop((*pamh)->service_name);
--- a/4fbed4be20377e5b1a6e71f572eb28ed049ed3fe.patch
+++ b/4fbed4be20377e5b1a6e71f572eb28ed049ed3fe.patch
@ -0,0 +1,23 @@
+From 4fbed4be20377e5b1a6e71f572eb28ed049ed3fe Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Thu, 4 Jan 2024 17:46:48 +0100
+Subject: [PATCH] tests: avoid NULL dereference in error branch
+
+Reported by cppcheck.
+---
+ tests/tst-pam_getenvlist.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tests/tst-pam_getenvlist.c b/tests/tst-pam_getenvlist.c
+index 62aea0615..d6abac915 100644
+--- a/tests/tst-pam_getenvlist.c
+++ b/tests/tst-pam_getenvlist.c
+@@ -78,7 +78,7 @@ main (void)
+     {
+       fprintf (stderr,
+ 	       "pam_getenvlist (pamh) does not return pointer to NULL\n");
+-      temp = *ptr;
+      temp = ptr ? *ptr : NULL;
+       var = 0;
+       while (temp)
+ 	{
--- a/9facab2134a9e1142ab3c614e72eb25aaafd0dec.patch
+++ b/9facab2134a9e1142ab3c614e72eb25aaafd0dec.patch
@ -0,0 +1,92 @@
+From 9facab2134a9e1142ab3c614e72eb25aaafd0dec Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 5 Aug 2023 17:34:42 +0200
+Subject: [PATCH] tests: free handles via pam_end()
+
+Destroy the pam handles via pam_end() to release all associated
+resources.  This allows to run the test-suite with sanitizers and
+validates the resource cleanup in pam_end() and callees.
+---
+ tests/tst-pam_fail_delay.c    | 2 ++
+ tests/tst-pam_getenvlist.c    | 2 ++
+ tests/tst-pam_start.c         | 4 ++++
+ tests/tst-pam_start_confdir.c | 6 ++++++
+ 4 files changed, 14 insertions(+)
+
+diff --git a/tests/tst-pam_fail_delay.c b/tests/tst-pam_fail_delay.c
+index d81c57650..f166ec0df 100644
+--- a/tests/tst-pam_fail_delay.c
+++ b/tests/tst-pam_fail_delay.c
+@@ -67,6 +67,8 @@ main (void)
+       return 1;
+     }
+ 
+  pam_end (pamh, retval);
+
+   /* 2: use NULL pam handle */
+   retval = pam_fail_delay (NULL, 60);
+   if (retval == PAM_SUCCESS)
+diff --git a/tests/tst-pam_getenvlist.c b/tests/tst-pam_getenvlist.c
+index a1184f1a8..62aea0615 100644
+--- a/tests/tst-pam_getenvlist.c
+++ b/tests/tst-pam_getenvlist.c
+@@ -130,5 +130,7 @@ main (void)
+       free (ptr);
+     }
+ 
+  pam_end (pamh, retval);
+
+   return 0;
+ }
+diff --git a/tests/tst-pam_start.c b/tests/tst-pam_start.c
+index 8fa18f74d..23af4fe87 100644
+--- a/tests/tst-pam_start.c
+++ b/tests/tst-pam_start.c
+@@ -66,6 +66,8 @@ main (void)
+       return 1;
+     }
+ 
+  pam_end (pamh, retval);
+
+   /* 2: check with NULL for service */
+   retval = pam_start (NULL, user, &conv, &pamh);
+   if (retval == PAM_SUCCESS)
+@@ -84,6 +86,8 @@ main (void)
+       return 1;
+     }
+ 
+  pam_end (pamh, retval);
+
+ 
+   /* 4: check with NULL for conv */
+   retval = pam_start (service, user, NULL, &pamh);
+diff --git a/tests/tst-pam_start_confdir.c b/tests/tst-pam_start_confdir.c
+index f731b2a55..b57ea573c 100644
+--- a/tests/tst-pam_start_confdir.c
+++ b/tests/tst-pam_start_confdir.c
+@@ -77,6 +77,8 @@ main (void)
+       return 1;
+     }
+ 
+  pam_end (pamh, retval);
+
+   /* 2: check with invalid service */
+   retval = pam_start_confdir (xservice, user, &conv, confdir, &pamh);
+   if (retval == PAM_SUCCESS)
+@@ -86,6 +88,8 @@ main (void)
+       return 1;
+     }
+ 
+  pam_end (pamh, retval);
+
+   /* 3: check with invalid confdir */
+   retval = pam_start_confdir (service, user, &conv, xconfdir, &pamh);
+   if (retval == PAM_SUCCESS)
+@@ -95,5 +99,7 @@ main (void)
+       return 1;
+     }
+ 
+  pam_end (pamh, retval);
+
+   return 0;
+ }
--- a/b2bc6a660a1080e3d4c60ed94b73ae4f94802894.patch
+++ b/b2bc6a660a1080e3d4c60ed94b73ae4f94802894.patch
@ -0,0 +1,21 @@
+From b2bc6a660a1080e3d4c60ed94b73ae4f94802894 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 5 Aug 2023 18:08:16 +0200
+Subject: [PATCH] pam_faillock: free handle in test
+
+---
+ modules/pam_faillock/tst-pam_faillock-retval.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/modules/pam_faillock/tst-pam_faillock-retval.c b/modules/pam_faillock/tst-pam_faillock-retval.c
+index 133026cb5..0590e951b 100644
+--- a/modules/pam_faillock/tst-pam_faillock-retval.c
+++ b/modules/pam_faillock/tst-pam_faillock-retval.c
+@@ -82,6 +82,7 @@ main(void)
+ 	ASSERT_NE(NULL, pamh);
+ 	ASSERT_EQ(PAM_PERM_DENIED, pam_authenticate(pamh, 0));
+ 	ASSERT_EQ(PAM_PERM_DENIED, pam_authenticate(pamh, 0));
+	ASSERT_EQ(PAM_SUCCESS, pam_end(pamh, 0));
+ 	pamh = NULL;
+ 	ASSERT_EQ(0, unlink(service_file));
+ 
--- a/cee08b7a6ea5d48f8527e3497735466e44445b66.patch
+++ b/cee08b7a6ea5d48f8527e3497735466e44445b66.patch
@ -0,0 +1,23 @@
+From cee08b7a6ea5d48f8527e3497735466e44445b66 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Sat, 5 Aug 2023 17:34:42 +0200
+Subject: [PATCH] tests: free return value of _pam_mkargv()
+
+_pam_mkargv() states that callers should free the returned value since
+otherwise the memory gets leaked.
+---
+ tests/tst-pam_mkargv.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/tests/tst-pam_mkargv.c b/tests/tst-pam_mkargv.c
+index cb005e5ff..17a5a854a 100644
+--- a/tests/tst-pam_mkargv.c
+++ b/tests/tst-pam_mkargv.c
+@@ -50,5 +50,7 @@ int main(void)
+ 	return 1;
+     }
+ 
+  free(myargv);
+
+   return 0;
+ }
--- a/pam.spec
+++ b/pam.spec
@ -15,7 +15,7 @@
 Summary:	A security tool which provides authentication for applications
 Name:		pam
 Version:	1.5.1
-Release:	5
+Release:	6
 Epoch:		1
 # The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
 # as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
@ -48,6 +48,12 @@ Patch9:		https://src.fedoraproject.org/rpms/pam/raw/master/f/pam-1.5.0-noflex.pa
 Patch33:	https://src.fedoraproject.org/rpms/pam/raw/master/f/pam-1.3.0-unix-nomsg.patch
 # OpenMandriva specific sources/patches

+# https://github.com/linux-pam/linux-pam/pull/597
+Patch41:	9facab2134a9e1142ab3c614e72eb25aaafd0dec.patch
+Patch42:	cee08b7a6ea5d48f8527e3497735466e44445b66.patch
+Patch43:	4fbed4be20377e5b1a6e71f572eb28ed049ed3fe.patch
+Patch44:	4e8af9027dab25ebff3fa1b6e5542640611778c9.patch
+
 # (fl) fix infinite loop
 Patch507:	pam-0.74-loop.patch
 # (fc) 0.75-29mdk don't complain when / is owned by root.adm