Author: des
Date: Tue Dec 13 13:02:52 2011
New Revision: 228466
URL: http://svn.freebsd.org/changeset/base/228466

Log:
  MFH r228384: validate the service name
  
  Security:     some poorly thought out programs allow the user to specify
                the service name; this patch makes it harder to trick these
                programs into loading and executing arbitrary code.

Modified:
  stable/8/contrib/openpam/lib/openpam_configure.c
Directory Properties:
  stable/8/contrib/openpam/   (props changed)

Modified: stable/8/contrib/openpam/lib/openpam_configure.c
==============================================================================
--- stable/8/contrib/openpam/lib/openpam_configure.c    Tue Dec 13 13:02:31 
2011        (r228465)
+++ stable/8/contrib/openpam/lib/openpam_configure.c    Tue Dec 13 13:02:52 
2011        (r228466)
@@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh,
        size_t len;
        int r;
 
+       /* don't allow to escape from policy_path */
+       if (strchr(service, '/')) {
+               openpam_log(PAM_LOG_ERROR, "invalid service name: %s",
+                   service);
+               return (-PAM_SYSTEM_ERR);
+       }
+
        for (path = openpam_policy_path; *path != NULL; ++path) {
                len = strlen(*path);
                if ((*path)[len - 1] == '/') {
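Review bot: The new guard only rejects a '/' in `service`, so an empty name or a name consisting solely of dots ("." or "..") still passes and makes the loop below compose a path that names the policy directory itself or its parent rather than a policy file inside it; whether that is then rejected depends on the open/parse code outside this hunk. Tightening the check to `if (*service == '\0' || strchr(service, '/') != NULL || strspn(service, ".") == strlen(service))` closes those cases with the same `-PAM_SYSTEM_ERR` return, and an allow-list of characters (alphanumerics plus a few punctuation marks) would be the more defensible long-term shape. The error log already echoes the untrusted name with `%s`, which is fine for a format string but worth keeping in mind if the name is ever logged to a terminal. The enclosing openpam_load_chain starts before and continues after this hunk.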