Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.1
pam
bug-724480_pam_env-fix-dos.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File bug-724480_pam_env-fix-dos.patch of Package pam
Description: abort when encountering an overflowed environment variable expansion (CVE-2011-3149). Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565 Author: Kees Cook <kees@debian.org> Index: Linux-PAM-1.1.4/modules/pam_env/pam_env.c =================================================================== --- Linux-PAM-1.1.4.orig/modules/pam_env/pam_env.c +++ Linux-PAM-1.1.4/modules/pam_env/pam_env.c @@ -570,6 +570,7 @@ static int _expand_arg(pam_handle_t *pam D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + return PAM_ABORT; } continue; } @@ -631,6 +632,7 @@ static int _expand_arg(pam_handle_t *pam D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + return PAM_ABORT; } } } /* if ('{' != *orig++) */ @@ -642,6 +644,7 @@ static int _expand_arg(pam_handle_t *pam D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); pam_syslog(pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + return PAM_ABORT; } } } /* for (;*orig;) */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor