mirrors/linux-pam
0
0
Fork 0
mirror of https://github.com/linux-pam/linux-pam.git synced 2024-11-23 17:53:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

pam_localuser: open the passwd file after user name validation

Browse Source 
Since user name is untrusted input, it should be validated earlier
rather than later.

* modules/pam_localuser/pam_localuser.c (pam_sm_authenticate): Open
the passwd file after user name validation.
This commit is contained in:
Dmitry V. Levin 2020-05-01 21:44:59 +00:00
parent fa66049858
commit c6c3b3f9f7
1 changed files with 7 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
modules/pam_localuser/pam_localuser.c
View File

@ -95,29 +95,18 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
}
}
/* open the file */
fp = fopen(filename, "r");
if(fp == NULL) {
pam_syslog (pamh, LOG_ERR, "error opening \"%s\": %m",
filename);
return PAM_SERVICE_ERR;
}
if(pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) {
pam_syslog (pamh, LOG_ERR, "user name not specified yet");
fclose(fp);
return PAM_SERVICE_ERR;
}
if ((user_len = strlen(user)) == 0) {
pam_syslog (pamh, LOG_ERR, "user name not valid");
fclose(fp);
return PAM_SERVICE_ERR;
}
if (user_len > sizeof(line) - sizeof(":")) {
pam_syslog (pamh, LOG_ERR, "user name too long");
fclose(fp);
return PAM_SERVICE_ERR;
}
@ -126,10 +115,16 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
* "root:x" is not a local user name even if the passwd file
* contains a line starting with "root:x:".
*/
fclose(fp);
return PAM_PERM_DENIED;
}
/* Open the passwd file. */
if ((fp = fopen(filename, "r")) == NULL) {
pam_syslog (pamh, LOG_ERR, "error opening \"%s\": %m",
filename);
return PAM_SERVICE_ERR;
}
/*
* Scan the file using fgets() instead of fgetpwent_r() because
* the latter is not flexible enough in handling long lines