Djam/pam
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/pam.git synced 2025-02-23 16:32:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Svace fix

Browse source
This commit is contained in:
survolog (Andrey Grigorev) 2024-07-17 09:02:22 +03:00
parent 79e1fb33a4
commit bd0f04b76c
2 changed files with 45 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
pam-1.5.1-svace-confirmed-fixes.patch Normal file
View file

@ -0,0 +1,42 @@
From d91212a8d4f2573567ecd93bc52a0d623329f620 Mon Sep 17 00:00:00 2001
From: HisShadow <shadowpilot34@gmail.com>
Date: Tue, 16 Jul 2024 08:57:22 +0000
Subject: [PATCH] svace confirmed fixes
---
modules/pam_console/handlers.c | 1 +
modules/pam_console/pam_console.c | 5 ++++-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/modules/pam_console/handlers.c b/modules/pam_console/handlers.c
index ec097c6..b122c98 100644
--- a/modules/pam_console/handlers.c
+++ b/modules/pam_console/handlers.c
@@ -144,6 +144,7 @@ console_parse_handlers (pam_handle_t *pamh, const char *handlers_name) {
return PAM_SUCCESS;
fail_exit:
+ forget = fclose(fh);
console_free_handlers(first_handler);
return rv;
}
diff --git a/modules/pam_console/pam_console.c b/modules/pam_console/pam_console.c
index 11a8205..104bed5 100644
--- a/modules/pam_console/pam_console.c
+++ b/modules/pam_console/pam_console.c
@@ -152,8 +152,11 @@ try_xsocket(const char *path, size_t len) {
memset(&addr, 0, sizeof(addr));
addr.su.sun_family = AF_UNIX;
- if (len > sizeof(addr.su.sun_path))
+ if (len > sizeof(addr.su.sun_path)) {
+ close(fd);
return 0;
+ }
+
memcpy(addr.su.sun_path, path, len);
if (connect(fd, &addr.sa, sizeof(addr.su) - (sizeof(addr.su.sun_path) - len)) == 0) {
close(fd);
--
2.45.2

4
pam.spec
View file

@ -15,7 +15,7 @@
Summary: A security tool which provides authentication for applications
Name: pam
Version: 1.5.1
Release: 6
Release: 7
Epoch: 1
# The library is BSD licensed with option to relicense as GPLv2+ - this option is redundant
# as the BSD license allows that anyway. pam_timestamp and pam_console modules are GPLv2+,
@ -40,6 +40,8 @@ Source16: smartcard-auth.pamd
Source501: pam_tty_audit.8
Source502: README
Patch0: pam-1.5.1-svace-confirmed-fixes.patch
# RedHat patches
Patch1: https://src.fedoraproject.org/rpms/pam/raw/master/f/pam-1.5.0-redhat-modules.patch
Patch9: https://src.fedoraproject.org/rpms/pam/raw/master/f/pam-1.5.0-noflex.patch