PAM kbd-int with privsep
Frank Cusack
fcusack at fcusack.com
Wed Jun 26 14:33:36 EST 2002
On Tue, Jun 25, 2002 at 06:24:46AM -0400, Niels Provos wrote:
> On Tue, Jun 25, 2002 at 11:52:55AM +1000, Damien Miller wrote:
> > The following is a patch (based on FreeBSD code) which gets kbd-int
> > working with privsep. It moves the kbd-int PAM conversation to a child
> > process and communicates with it over a socket.
> > + va_start(ap, fmt);
> > + len = vsnprintf(buf, sizeof(buf), fmt, ap);
> > + va_end(ap);
> > + if (len == -1 || len > sizeof(buf))
> > + fatal("sshpam_send: message too long");
> The check on the vsnprintf length is off by one. It should be
> len >= sizeof(buf):
>
> These functions return the number of characters printed (not
> including the trailing `\0' used to end output to strings), except for
> snprintf() and vsnprintf(), which return the number of characters that
> would have been printed if the size were unlimited (again, not
> including the final `\0').
That's only for the C99 version of snprintf(). There are several versions
which return several different values, one of which returns the number
of characters actually placed into the buffer (ie, max = sizeof(buf)).
More information about the openssh-unix-dev
mailing list