summaryrefslogtreecommitdiff
path: root/system/linux-pam/musl-fix-pam_exec.patch
diff options
context:
space:
mode:
Diffstat (limited to 'system/linux-pam/musl-fix-pam_exec.patch')
-rw-r--r--system/linux-pam/musl-fix-pam_exec.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/system/linux-pam/musl-fix-pam_exec.patch b/system/linux-pam/musl-fix-pam_exec.patch
new file mode 100644
index 000000000..b6b999fae
--- /dev/null
+++ b/system/linux-pam/musl-fix-pam_exec.patch
@@ -0,0 +1,31 @@
+--- ./modules/pam_exec/pam_exec.c.orig
++++ ./modules/pam_exec/pam_exec.c
+@@ -103,11 +103,14 @@
+ int optargc;
+ const char *logfile = NULL;
+ const char *authtok = NULL;
++ char authtok_buf[PAM_MAX_RESP_SIZE+1];
++
+ pid_t pid;
+ int fds[2];
+ int stdout_fds[2];
+ FILE *stdout_file = NULL;
+
++ memset(authtok_buf, 0, sizeof(authtok_buf));
+ if (argc < 1) {
+ pam_syslog (pamh, LOG_ERR,
+ "This module needs at least one argument");
+@@ -178,11 +181,11 @@
+ }
+
+ pam_set_item (pamh, PAM_AUTHTOK, resp);
+- authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
++ authtok = strncpy(authtok_buf, resp, sizeof(authtok_buf));
+ _pam_drop (resp);
+ }
+ else
+- authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
++ authtok = strncpy(authtok_buf, void_pass, sizeof(authtok_buf));
+
+ if (pipe(fds) != 0)
+ {
generated by cgit v1.2.3-60-g2f50 (git 2.42.0) at 2024-07-03 12:45:23 +0000