rpms/pam/FC-4 pam-0.79-userdb-test-null.patch, NONE, 1.1 pam-0.79-cleanup-redhat.patch, 1.4, 1.5 pam-0.79-cleanup.patch, 1.1, 1.2 pam.spec, 1.83, 1.84

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Fri Jul 29 09:47:42 UTC 2005


Author: tmraz

Update of /cvs/dist/rpms/pam/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv8516

Modified Files:
	pam-0.79-cleanup-redhat.patch pam-0.79-cleanup.patch pam.spec 
Added Files:
	pam-0.79-userdb-test-null.patch 
Log Message:
* Fri Jul 29 2005 Tomas Mraz <tmraz at redhat.com> 0.79-9.4
- fix NULL dereference in pam_userdb (#164418)
- fix 64bit bug in pam_pwdb


pam-0.79-userdb-test-null.patch:
 pam_userdb.c |    9 +++++----
 1 files changed, 5 insertions(+), 4 deletions(-)

--- NEW FILE pam-0.79-userdb-test-null.patch ---
--- Linux-PAM-0.79/modules/pam_userdb/pam_userdb.c.test-null	2004-09-28 15:49:26.000000000 +0200
+++ Linux-PAM-0.79/modules/pam_userdb/pam_userdb.c	2005-07-28 11:14:44.000000000 +0200
@@ -161,8 +161,8 @@
     }
 
     if (ctrl & PAM_DEBUG_ARG) {
-	_pam_log(LOG_INFO, "password in database is [%p]`%s', len is %d",
-		 data.dptr, (char *) data.dptr, data.dsize);
+	_pam_log(LOG_INFO, "password in database is [%p]`%.*s', len is %d",
+		 data.dptr, data.dsize, (char *) data.dptr, data.dsize);
     }
 
     if (data.dptr != NULL) {
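Review bot: The debug `_pam_log` call still runs before the `if (data.dptr != NULL)` test on the hunk's last line, so a failed lookup hands a null pointer to the `%.*s` conversion, which C leaves undefined even with a zero precision. It also copies the stored password value into the log whenever the debug flag is set, which exposes it to anyone who can read the log output. Moving the call inside the NULL check and logging only the length would cover both: `_pam_log(LOG_INFO, "password in database has len %d", data.dsize);`. If the value is kept, the precision argument should be passed as `(int) data.dsize`, since `%.*s` requires an `int` and the type of `dsize` is not visible here.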
@@ -174,7 +174,7 @@
 	    return 0; /* found it, data contents don't matter */
 	}
 
-	if (strncasecmp(cryptmode, "crypt", 5) == 0) {
+	if (cryptmode && strncasecmp(cryptmode, "crypt", 5) == 0) {
 
 	  /* crypt(3) password storage */
 
@@ -216,7 +216,8 @@
 	    compare = strncmp(data.dptr, pass, data.dsize);
 	}
 
-	  if (strncasecmp(cryptmode, "none", 4) && ctrl & PAM_DEBUG_ARG) {
+	  if (cryptmode && strncasecmp(cryptmode, "none", 4) 
+		&& (ctrl & PAM_DEBUG_ARG)) {
 	    _pam_log(LOG_INFO, "invalid value for crypt parameter: %s",
 		     cryptmode);
 	    _pam_log(LOG_INFO, "defaulting to plaintext password mode");
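Review bot: An unrecognised value for the `crypt` parameter still ends in the plaintext comparison, and the two warnings in this branch are written only when `ctrl & PAM_DEBUG_ARG` is set, so a mistyped option downgrades password checking with no trace in a normal configuration. The invalid-value message is worth emitting unconditionally and at a higher priority, e.g. `_pam_log(LOG_ERR, "invalid value for crypt parameter: %s", cryptmode);`, keeping the debug test only for the second message. With the added `cryptmode &&` guards here and in the previous hunk, a NULL `cryptmode` presumably takes the same plaintext path silently; a short comment such as `/* cryptmode == NULL: no crypt option given, plaintext storage */` would record that this is intended. The enclosing block starts and ends outside the hunk.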

pam-0.79-cleanup-redhat.patch:
 pam_console/pam_console.c     |    1 +
 pam_loginuid/pam_loginuid.8   |    2 --
 pam_loginuid/pam_loginuid.c   |   15 +++++++++------
 pam_timestamp/pam_timestamp.c |    2 ++
 4 files changed, 12 insertions(+), 8 deletions(-)

Index: pam-0.79-cleanup-redhat.patch
===================================================================
RCS file: /cvs/dist/rpms/pam/FC-4/pam-0.79-cleanup-redhat.patch,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- pam-0.79-cleanup-redhat.patch	17 Jun 2005 11:05:00 -0000	1.4
+++ pam-0.79-cleanup-redhat.patch	29 Jul 2005 09:47:38 -0000	1.5
@@ -42,7 +42,8 @@
 +		return rc;
  	}
  	if (_pammodutil_write(fd, loginuid, count) != count) 
- 		rc = 1;--- Linux-PAM-0.79/modules/pam_loginuid/pam_loginuid.8.rhcleanup	2005-03-31 18:39:58.000000000 +0200
+ 		rc = 1;
+--- Linux-PAM-0.79/modules/pam_loginuid/pam_loginuid.8.rhcleanup	2005-03-31 18:39:58.000000000 +0200
 +++ Linux-PAM-0.79/modules/pam_loginuid/pam_loginuid.8	2005-05-19 20:59:49.456022913 +0200
 @@ -15,8 +15,6 @@
  .SH EXAMPLE

pam-0.79-cleanup.patch:
 pam_group/pam_group.c           |    2 +-
 pam_issue/pam_issue.c           |    7 ++++---
 pam_listfile/pam_listfile.c     |   25 ++++++++++++++++++++++---
 pam_mail/pam_mail.c             |    2 ++
 pam_motd/pam_motd.c             |   13 ++++++++++---
 pam_pwdb/pam_pwdb.c             |    9 ++++++---
 pam_stress/pam_stress.c         |    8 +++++---
 pam_succeed_if/pam_succeed_if.c |    1 +
 8 files changed, 51 insertions(+), 16 deletions(-)

Index: pam-0.79-cleanup.patch
===================================================================
RCS file: /cvs/dist/rpms/pam/FC-4/pam-0.79-cleanup.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- pam-0.79-cleanup.patch	12 Apr 2005 16:33:08 -0000	1.1
+++ pam-0.79-cleanup.patch	29 Jul 2005 09:47:38 -0000	1.2
@@ -265,3 +265,22 @@
  	return onerr;
      }
      /* There should be no more errors from here on */
+--- Linux-PAM-0.79/modules/pam_pwdb/pam_pwdb.c.cleanup	2000-11-20 00:54:04.000000000 +0100
++++ Linux-PAM-0.79/modules/pam_pwdb/pam_pwdb.c	2005-07-26 10:13:42.000000000 +0200
+@@ -98,11 +98,14 @@
+     pwdb_end();
+ 
+     if ( on(UNIX_LIKE_AUTH, ctrl) ) {
+-	int *pretval = &retval;
++	const void *pretval = NULL;
+ 
+ 	D(("recovering return code from auth call"));
+-	pam_get_data(pamh, "pwdb_setcred_return", (const void **) pretval);
+-	D(("recovered data indicates that old retval was %d", retval));
++	if ( pam_get_data(pamh, "pwdb_setcred_return", &pretval) 
++	    == PAM_SUCCESS ) {
++	    retval = (int)(long)pretval;
++	    D(("recovered data indicates that old retval was %d", retval));
++	}
+     }
+ 
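Review bot: `retval = (int)(long)pretval;` reads the return code out of the pointer value itself, which is only correct if the matching `pam_set_data(pamh, "pwdb_setcred_return", ...)` call stores the integer cast to a pointer rather than the address of an int. That call is not in this hunk, so the pairing should be confirmed and recorded in a comment, for example `/* the data item is the return code itself, stored as a pointer-sized integer */`. When `pam_get_data` does not return `PAM_SUCCESS`, `retval` keeps whatever it held before this block, so it is worth checking that the earlier value is a sensible result for that case. The surrounding function starts and ends outside the hunk.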


Index: pam.spec
===================================================================
RCS file: /cvs/dist/rpms/pam/FC-4/pam.spec,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -r1.83 -r1.84
--- pam.spec	22 Jul 2005 13:42:12 -0000	1.83
+++ pam.spec	29 Jul 2005 09:47:38 -0000	1.84
@@ -12,7 +12,7 @@
 Summary: A security tool which provides authentication for applications.
 Name: pam
 Version: 0.79
-Release: 9.3
+Release: 9.4
 License: GPL or BSD
 Group: System Environment/Base
 Source0: ftp.us.kernel.org:/pub/linux/libs/pam/pre/library/Linux-PAM-%{version}.tar.bz2
@@ -40,6 +40,7 @@
 Patch75: pam-0.79-cleanup-redhat.patch
 Patch76: pam-0.79-xauth-unsetenv.patch
 Patch77: pam-0.79-console-perms-d.patch
+Patch78: pam-0.79-userdb-test-null.patch
 
 BuildRoot: %{_tmppath}/%{name}-root
 Requires: cracklib, cracklib-dicts >= 2.8, glib2, initscripts >= 3.94
@@ -110,6 +111,7 @@
 %patch75 -p1 -b .rhcleanup
 %patch76 -p1 -b .xauth-unset
 %patch77 -p1 -b .perms-d
+%patch78 -p1 -b .test-null
 
 for readme in modules/pam_*/README ; do
 	cp -f ${readme} doc/txts/README.`dirname ${readme} | sed -e 's|^modules/||'`
@@ -382,6 +384,10 @@
 %{_libdir}/libpam_misc.so
 
 %changelog
+* Fri Jul 29 2005 Tomas Mraz <tmraz at redhat.com> 0.79-9.4
+- fix NULL dereference in pam_userdb (#164418)
+- fix 64bit bug in pam_pwdb
+
 * Fri Jul 22 2005 Tomas Mraz <tmraz at redhat.com> 0.79-9.3
 - more pam_selinux fixes for permissive policy (Dan Walsh)
 



