OpenSSH Linux portable patch proposal
Ángel González
keisial at gmail.com
Wed Jun 3 08:01:55 AEST 2015
On 02/06/15 15:46, György Demarcsek Ifj. wrote:
> So I have made a PoC implementation that I think does the trick:
>
> https://github.com/dgyuri92/openssh-portable/commit/4a006cad8e3f8b9277ce41747d11261175c161e2
>
> Would you be so kind as to take a look at it?
Minor cosmetic issue: you added space-indented lines to auth-pam.c,
auth.h, auth2.c and session.c (last chunk), but those files are
tab-indented.
You also removed a number of trailing spaces from the files, which make
the patch harder to read.
> + } else {
> + am_copy = xstrdup(authctxt->last_auth_methods);
> + free(authctxt->last_auth_methods);
> + authctxt->last_auth_methods = xcalloc(strlen(am_copy) +
> strlen(method) + 2, sizeof(char));
> + strcpy(authctxt->last_auth_methods, am_copy);
> + free(am_copy);
> + }
Why not use realloc?
auth2_update_methods_lists() is called after authentication. Can't
sshpam_auth_passwd be called
before auth2_update_methods_lists? (ie. last_auth_methods would be NULL)
In that case do_pam_putenv()
would segfault...
More information about the openssh-unix-dev
mailing list