Bug:
getpwnum() (or getlogin() in earlier stage) may return NULL under
various complex circumstanes, but following code not expect it and may
cause NULL pointer reference and core dump.
Fix:
Add check for NULL and return PAM_AUTH_ERR
--- pam_opie.c.bak Sun Jan 20 22:23:18 2002
+++ pam_opie.c Sun Jan 20 22:37:08 2002
@@ -89,7 +89,8 @@
user = NULL;
if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) {
- pwd = getpwnam(getlogin());
+ if ((pwd = getpwnam(getlogin())) == NULL)
+ PAM_RETURN(PAM_AUTH_ERR);
user = pwd->pw_name;
}
else {
--
Andrey A. Chernov
http://ache.pp.ru/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
