File 0002-fixed-buffer-overflow-with-long-home-direc... of Package pam_pkcs11.6656

Overview Repositories Revisions Requests Users Attributes Meta

File 0002-fixed-buffer-overflow-with-long-home-directory.patch of Package pam_pkcs11.6656

From a37fe986997b2d2fefc350c43650cc8193389235 Mon Sep 17 00:00:00 2001
From: Frank Morgner <frankmorgner@gmail.com>
Date: Fri, 25 May 2018 23:53:44 +0200
Subject: [PATCH 2/3] fixed buffer overflow with long home directory

Thanks to Eric Sesterhenn from X41 D-SEC GmbH
for reporting the issue.
---
 src/mappers/openssh_mapper.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/mappers/openssh_mapper.c b/src/mappers/openssh_mapper.c
index b9e09f7..ed0a409 100644
--- a/src/mappers/openssh_mapper.c
+++ b/src/mappers/openssh_mapper.c
@@ -311,7 +311,7 @@ _DEFAULT_MAPPER_END
 */
 static int openssh_mapper_match_user(X509 *x509, const char *user, void *context) {
         struct passwd *pw;
-	char filename[512];
+	char filename[PATH_MAX];
         if (!x509) return -1;
         if (!user) return -1;
         pw = getpwnam(user);
@@ -333,7 +333,7 @@ static char * openssh_mapper_find_user(X509 *x509, void *context, int *match) {
         /* parse list of users until match */
         setpwent();
         while((pw=getpwent()) != NULL) {
-	    char filename[512];
+	    char filename[PATH_MAX];
             DBG1("Trying to match certificate with user: '%s'",pw->pw_name);
             if ( is_empty_str(pw->pw_dir) ) {
                 DBG1("User '%s' has no home directory",pw->pw_name);
-- 
2.18.0

Places

File 0002-fixed-buffer-overflow-with-long-home-directory.patch of Package pam_pkcs11.6656

Places