Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15:Update
slurm.13628
pam_slurm-Initialize-arrays-and-pass-sizes.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File pam_slurm-Initialize-arrays-and-pass-sizes.patch of Package slurm.13628
From: Sebastian Krahmer <krahmer@suse.com> Date: Thu Feb 2 09:49:38 2017 +0100 Subject: [PATCH]pam_slurm: Initialize arrays and pass sizes Git-repo: https://github.com/SchedMD/slurm Git-commit: fbfbb90f6a2e7f134220991ed3263894ba365411 References: bsc#1007053 Signed-off-by: Egbert Eich <eich@suse.de> PAM is security critical: - clear arrays - ensure strings are NULL-terminated. Signed-off-by: Egbert Eich <eich@suse.com> --- contribs/pam/pam_slurm.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/contribs/pam/pam_slurm.c b/contribs/pam/pam_slurm.c index 0968a9c..ee179d5 100644 --- a/contribs/pam/pam_slurm.c +++ b/contribs/pam/pam_slurm.c @@ -266,9 +266,9 @@ static int _gethostname_short (char *name, size_t len) { int error_code, name_len; - char *dot_ptr, path_name[1024]; + char *dot_ptr, path_name[1024] = {0}; - error_code = gethostname(path_name, sizeof(path_name)); + error_code = gethostname(path_name, sizeof(path_name) - 1); if (error_code) return error_code; @@ -296,11 +296,11 @@ static int _slurm_match_allocation(uid_t uid) { int authorized = 0, i; - char hostname[MAXHOSTNAMELEN]; + char hostname[MAXHOSTNAMELEN] = {0}; char *nodename = NULL; job_info_msg_t * msg; - if (_gethostname_short(hostname, sizeof(hostname)) < 0) { + if (_gethostname_short(hostname, sizeof(hostname) - 1) < 0) { _log_msg(LOG_ERR, "gethostname: %m"); return 0; } @@ -409,7 +409,7 @@ _send_denial_msg(pam_handle_t *pamh, struct _options *opts, */ extern void libpam_slurm_init (void) { - char libslurmname[64]; + char libslurmname[64] = {0}; if (slurm_h) return; @@ -417,10 +417,10 @@ extern void libpam_slurm_init (void) /* First try to use the same libslurm version ("libslurm.so.24.0.0"), * Second try to match the major version number ("libslurm.so.24"), * Otherwise use "libslurm.so" */ - if (snprintf(libslurmname, sizeof(libslurmname), + if (snprintf(libslurmname, sizeof(libslurmname) - 1, "libslurm.so.%d.%d.%d", SLURM_API_CURRENT, SLURM_API_REVISION, SLURM_API_AGE) >= - sizeof(libslurmname) ) { + sizeof(libslurmname) - 1) { _log_msg (LOG_ERR, "Unable to write libslurmname\n"); } else if ((slurm_h = dlopen(libslurmname, RTLD_NOW|RTLD_GLOBAL))) { return; @@ -429,8 +429,10 @@ extern void libpam_slurm_init (void) libslurmname, dlerror ()); } - if (snprintf(libslurmname, sizeof(libslurmname), "libslurm.so.%d", - SLURM_API_CURRENT) >= sizeof(libslurmname) ) { + memset(libslurmname, 0, sizeof(libslurmname)); + + if (snprintf(libslurmname, sizeof(libslurmname) - 1, "libslurm.so.%d", + SLURM_API_CURRENT) >= sizeof(libslurmname) - 1) { _log_msg (LOG_ERR, "Unable to write libslurmname\n"); } else if ((slurm_h = dlopen(libslurmname, RTLD_NOW|RTLD_GLOBAL))) { return;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor