Oops, thanks for the pointer... I will modify that. Know anything about
using the pam_get_item()?
Justin F. wrote:
{
int retval;
udataptr myUser = &localUser;
myConfigPtr myConfig = &localConfig;
char user[15];
char *password;
myUser->usrname=user;
char error_msg[30];
if( ( retval = pam_get_user( pamh, &( myUser->usrname ), "PAM_test login:" ) ) != PAM_SUCCESS ) {
strcpy( error_msg, "Could not obtain user name: " );
strcat( error_msg, myUser->usrname );
You do not feel having a fixed length array of 30b with a 28b message and
strcat'ing a username into it could cause problems?
This leaves you with like 1 byte usernames.
if( ( retval = pam_get_user( pamh, &( myUser->usrname ), "PAM_test login:" ) ) == PAM_SUCCESS ) {
strcpy( error_msg, "Obtained username: " );
strcat( error_msg, myUser->usrname );
Same deal here, however you have more wiggle room.
However, I am not a PAM expert, so I can't really answer your question; I
just noticed those two potential overflows.
Justin F.
--
Jason Gerfen
jason.gerfen@xxxxxxxxxxxx
"And remember... If the ladies
don't find you handsome, they
should at least find you handy..."
~The Red Green show
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
--
Jason Gerfen
Student Computing
Marriott Library
801.585.9810
jason.gerfen@xxxxxxxxxxxx
"And remember... If the ladies
don't find you handsome, they
should at least find you handy..."
~The Red Green show
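
The two overflows pointed out in the thread, worked through as an added example that is not code from either poster: it computes how many username bytes each 30-byte message leaves room for, and replaces the strcpy()/strcat() pair with a bounded snprintf() that reports truncation. The function names and the sample username are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Longest username that fits after `prefix` in a buffer of `bufsz` bytes,
 * leaving one byte for the terminating NUL. */
size_t room_for_user(size_t bufsz, const char *prefix)
{
    size_t used = strlen(prefix) + 1;
    return bufsz > used ? bufsz - used : 0;
}

/* Bounded replacement for strcpy() followed by strcat().
 * Returns 0 if the whole message fit, -1 if it was truncated or on error.
 * dst is always NUL-terminated when dstsz > 0. */
int format_user_msg(char *dst, size_t dstsz, const char *prefix,
                    const char *user)
{
    int n;

    if (dst == NULL || dstsz == 0)
        return -1;
    if (user == NULL)              /* name can be unset if the lookup failed */
        user = "(unknown)";
    n = snprintf(dst, dstsz, "%s%s", prefix, user);
    if (n < 0 || (size_t)n >= dstsz)
        return -1;                 /* did not fit: caller decides what to do */
    return 0;
}

int main(void)
{
    char error_msg[30];                       /* same size as in the thread */
    const char *fail = "Could not obtain user name: ";
    const char *ok = "Obtained username: ";
    const char *user = "jgerfen";             /* constructed sample value */

    printf("room after failure prefix: %zu byte(s)\n",
           room_for_user(sizeof error_msg, fail));
    printf("room after success prefix: %zu byte(s)\n",
           room_for_user(sizeof error_msg, ok));

    if (format_user_msg(error_msg, sizeof error_msg, fail, user) != 0)
        printf("truncated to: \"%s\"\n", error_msg);
    if (format_user_msg(error_msg, sizeof error_msg, ok, user) == 0)
        printf("fits: \"%s\"\n", error_msg);
    return 0;
}
```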