diff options
Diffstat (limited to 'src/plugins/auth-pam')
| -rw-r--r-- | src/plugins/auth-pam/Makefile.in | 25 | ||||
| -rw-r--r-- | src/plugins/auth-pam/auth-pam.c | 30 |
2 files changed, 45 insertions, 10 deletions
diff --git a/src/plugins/auth-pam/Makefile.in b/src/plugins/auth-pam/Makefile.in index aee6561..ee67141 100644 --- a/src/plugins/auth-pam/Makefile.in +++ b/src/plugins/auth-pam/Makefile.in @@ -1,7 +1,7 @@ -# Makefile.in generated by automake 1.14.1 from Makefile.am. +# Makefile.in generated by automake 1.15 from Makefile.am. # @configure_input@ -# Copyright (C) 1994-2013 Free Software Foundation, Inc. +# Copyright (C) 1994-2014 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -22,7 +22,17 @@ VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ @@ -86,8 +96,6 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ subdir = src/plugins/auth-pam -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/depcomp $(am__dist_doc_DATA_DIST) ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ $(top_srcdir)/m4/ax_socklen_t.m4 \ @@ -98,6 +106,8 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/ax_emptyarray.m4 \ $(top_srcdir)/compat.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(am__dist_doc_DATA_DIST) \ + $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = @@ -208,6 +218,7 @@ am__define_uniq_tagged_files = \ done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags +am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -255,6 +266,7 @@ LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ LZO_CFLAGS = @LZO_CFLAGS@ LZO_LIBS = @LZO_LIBS@ MAKEINFO = @MAKEINFO@ @@ -409,7 +421,6 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --foreign src/plugins/auth-pam/Makefile -.PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ @@ -732,6 +743,8 @@ uninstall-am: uninstall-dist_docDATA uninstall-pluginLTLIBRARIES tags tags-am uninstall uninstall-am uninstall-dist_docDATA \ uninstall-pluginLTLIBRARIES +.PRECIOUS: Makefile + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c index 95692ab..710accc 100644 --- a/src/plugins/auth-pam/auth-pam.c +++ b/src/plugins/auth-pam/auth-pam.c @@ -39,6 +39,7 @@ #include <stdio.h> #include <string.h> #include <ctype.h> +#include <stdbool.h> #include <unistd.h> #include <stdlib.h> #include <sys/types.h> @@ -47,6 +48,7 @@ #include <fcntl.h> #include <signal.h> #include <syslog.h> +#include <stdint.h> #include <openvpn-plugin.h> @@ -119,17 +121,37 @@ static void pam_server (int fd, const char *service, int verb, const struct name * a pointer to the NEW string. Does not modify the input strings. Will not enter an * infinite loop with clever 'searchfor' and 'replacewith' strings. * Daniel Johnson - Progman2000@usa.net / djohnson@progman.us + * + * Retuns NULL when + * - any parameter is NULL + * - the worst-case result is to large ( >= SIZE_MAX) */ static char * searchandreplace(const char *tosearch, const char *searchfor, const char *replacewith) { + if (!tosearch || !searchfor || !replacewith) return NULL; + + size_t tosearchlen = strlen(tosearch); + size_t replacewithlen = strlen(replacewith); + size_t templen = tosearchlen * replacewithlen; + + if (tosearchlen == 0 || strlen(searchfor) == 0 || replacewithlen == 0) { + return NULL; + } + + bool is_potential_integer_overflow = (templen == SIZE_MAX) || (templen / tosearchlen != replacewithlen); + + if (is_potential_integer_overflow) { + return NULL; + } + + // state: all parameters are valid + const char *searching=tosearch; char *scratch; - char temp[strlen(tosearch)*10]; - temp[0]=0; - if (!tosearch || !searchfor || !replacewith) return 0; - if (!strlen(tosearch) || !strlen(searchfor) || !strlen(replacewith)) return 0; + char temp[templen+1]; + temp[0]=0; scratch = strstr(searching,searchfor); if (!scratch) return strdup(tosearch); |