Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP6
slurm.30623
pam_slurm-Initialize-arrays-and-pass-sizes.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File pam_slurm-Initialize-arrays-and-pass-sizes.patch of Package slurm.30623
From: Egbert Eich <eich@suse.com> Date: Mon Feb 20 21:29:27 2023 +0100 Subject: pam_slurm: Initialize arrays and pass sizes Patch-mainline: Not yet Git-commit: 5feca5c29d4e820dafd8d34c0343944b28890902 References: bsc#1007053 PAM is security critical: - clear arrays - ensure strings are NULL-terminated. Signed-off-by: Egbert Eich <eich@suse.com> Originally-from: Sebastian Krahmer <krahmer@suse.com> Signed-off-by: Egbert Eich <eich@suse.de> --- contribs/pam/pam_slurm.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/contribs/pam/pam_slurm.c b/contribs/pam/pam_slurm.c index 20d21a9..363b6ae 100644 --- a/contribs/pam/pam_slurm.c +++ b/contribs/pam/pam_slurm.c @@ -266,9 +266,9 @@ static int _gethostname_short (char *name, size_t len) { int error_code, name_len; - char *dot_ptr, path_name[1024]; + char *dot_ptr, path_name[1024] = {0}; - error_code = gethostname(path_name, sizeof(path_name)); + error_code = gethostname(path_name, sizeof(path_name) - 1); if (error_code) return error_code; @@ -296,13 +296,13 @@ static int _slurm_match_allocation(uid_t uid) { int authorized = 0, i; - char hostname[MAXHOSTNAMELEN]; + char hostname[MAXHOSTNAMELEN] = {0}; char *nodename = NULL; job_info_msg_t * msg; slurm_init(NULL); - if (_gethostname_short(hostname, sizeof(hostname)) < 0) { + if (_gethostname_short(hostname, sizeof(hostname) - 1) < 0) { _log_msg(LOG_ERR, "gethostname: %m"); return 0; } @@ -425,7 +425,7 @@ _send_denial_msg(pam_handle_t *pamh, struct _options *opts, */ extern void libpam_slurm_init (void) { - char libslurmname[64]; + char libslurmname[64] = {0}; if (slurm_h) return; @@ -433,10 +433,10 @@ extern void libpam_slurm_init (void) /* First try to use the same libslurm version ("libslurm.so.24.0.0"), * Second try to match the major version number ("libslurm.so.24"), * Otherwise use "libslurm.so" */ - if (snprintf(libslurmname, sizeof(libslurmname), + if (snprintf(libslurmname, sizeof(libslurmname) - 1, "libslurm.so.%d.%d.%d", SLURM_API_CURRENT, SLURM_API_REVISION, SLURM_API_AGE) >= - sizeof(libslurmname) ) { + sizeof(libslurmname) - 1) { _log_msg (LOG_ERR, "Unable to write libslurmname\n"); } else if ((slurm_h = dlopen(libslurmname, RTLD_NOW|RTLD_GLOBAL))) { return; @@ -445,8 +445,10 @@ extern void libpam_slurm_init (void) libslurmname, dlerror ()); } - if (snprintf(libslurmname, sizeof(libslurmname), "libslurm.so.%d", - SLURM_API_CURRENT) >= sizeof(libslurmname) ) { + memset(libslurmname, 0, sizeof(libslurmname)); + + if (snprintf(libslurmname, sizeof(libslurmname) - 1, "libslurm.so.%d", + SLURM_API_CURRENT) >= sizeof(libslurmname) - 1) { _log_msg (LOG_ERR, "Unable to write libslurmname\n"); } else if ((slurm_h = dlopen(libslurmname, RTLD_NOW|RTLD_GLOBAL))) { return;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor