[Bug 2539] New: Add missing sanity check for read_passphrase() in auth-pam.c
bugzilla-daemon at bugzilla.mindrot.org
Sun Feb 14 08:29:10 AEDT 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2539
Bug ID: 2539
Summary: Add missing sanity check for read_passphrase() in auth-pam.c
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5
Component: PAM support
Assignee: unassigned-bugs at mindrot.org
Reporter: wp02855 at gmail.com
Created attachment 2784
--> https://bugzilla.mindrot.org/attachment.cgi?id=2784&action=edit
Patch file for this bug report
Hello All,
In reviewing code in OpenSSH-7.1p2, it would appear in file 'auth-pam.c',
function 'sshpam_tty_conv()', there is a call to read_passphrase() which
is not checked for a return value of NULL, indicating failure. The patch
file below should address/correct this issue:
--- auth-pam.c.orig 2016-02-13 09:44:14.656582235 -0800
+++ auth-pam.c 2016-02-13 09:46:14.583824370 -0800
@@ -982,6 +982,8 @@
reply[i].resp =
read_passphrase(PAM_MSG_MEMBER(msg, i,
msg),
RP_ALLOW_STDIN);
+ if (reply[i].resp == NULL)
+ goto fail;
reply[i].resp_retcode = PAM_SUCCESS;
break;
case PAM_PROMPT_ECHO_ON:
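Review bot: The added `goto fail` after the read_passphrase() call jumps to a label that lies outside this hunk, so the submission should show or state what that path does: it needs to release the reply[] entries already filled in by earlier loop iterations and return a PAM error code rather than PAM_SUCCESS, otherwise the new branch trades a NULL resp for a leak of previously read passphrases. Two further points on the same lines: the call passes only RP_ALLOW_STDIN, so please confirm from read_passphrase() itself that it can return NULL with that flag set, since the report asserts it without citing the code path; and the PAM_PROMPT_ECHO_ON case that starts immediately after this hunk is not shown, so if it also stores an unchecked result in reply[i].resp it should get the same check in this patch.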
=======================================================================
I am attaching the patch file to this bug report...
Bill Parker (wp02855 at gmail dot com)