[Bug 2539] Add missing sanity check for read_passphrase() in auth-pam.c
bugzilla-daemon at bugzilla.mindrot.org
Mon Feb 15 10:16:46 AEDT 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2539
Darren Tucker <dtucker at zip.com.au> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
         Status    |NEW                         |RESOLVED
             CC    |                            |dtucker at zip.com.au
     Resolution    |---                         |INVALID
--- Comment #1 from Darren Tucker <dtucker at zip.com.au> ---
(In reply to Bill Parker from comment #0)
> In reviewing code in OpenSSH-7.1p2, it would appear in file
> 'auth-pam.c',
> function 'sshpam_tty_conv()', there is a call to read_passphrase()
> which is not checked for a return value of NULL, indicating failure.
> The patch file below should address/correct this issue:
[...]
> reply[i].resp =
> read_passphrase(PAM_MSG_MEMBER(msg, i,
> msg),
> RP_ALLOW_STDIN);
> + if (reply[i].resp == NULL)
> + goto fail;
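Review bot: the added `if (reply[i].resp == NULL) goto fail;` guards a condition that cannot occur at this call site: read_passphrase() is invoked with only RP_ALLOW_STDIN, and (as comment #1 states) it returns NULL only when RP_ALLOW_EOF is set, so the check is dead code rather than a missing sanity check. If a defensive check is still wanted, the patch should show the `fail:` label and the cleanup it performs for the reply[] entries already allocated, which lies outside the quoted context, and should carry a `diff --git`/`@@` header so it can be applied and reviewed against the actual file.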
Thanks, but read_passphrase() can only return NULL if given the
RP_ALLOW_EOF flag which this code doesn't, so in this case it's
guaranteed to be non-NULL.