diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | auth-pam.c | 11 |
2 files changed, 10 insertions, 5 deletions
@@ -1,6 +1,8 @@ | |||
1 | 20040719 | 1 | 20040719 |
2 | - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD | 2 | - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD |
3 | ok dtucker@ | 3 | ok dtucker@ |
4 | - (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function, | ||
5 | instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@ | ||
4 | 6 | ||
5 | 20040717 | 7 | 20040717 |
6 | - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c | 8 | - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c |
@@ -1531,4 +1533,4 @@ | |||
1531 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 1533 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
1532 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 1534 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
1533 | 1535 | ||
1534 | $Id: ChangeLog,v 1.3478 2004/07/18 23:30:38 djm Exp $ | 1536 | $Id: ChangeLog,v 1.3479 2004/07/18 23:39:11 djm Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index 5f4200f6f..63515c311 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -47,7 +47,7 @@ | |||
47 | 47 | ||
48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
49 | #include "includes.h" | 49 | #include "includes.h" |
50 | RCSID("$Id: auth-pam.c,v 1.111 2004/07/11 06:54:08 dtucker Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.112 2004/07/18 23:39:11 djm Exp $"); |
51 | 51 | ||
52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
@@ -817,7 +817,8 @@ sshpam_tty_conv(int n, struct pam_message **msg, | |||
817 | case PAM_PROMPT_ECHO_ON: | 817 | case PAM_PROMPT_ECHO_ON: |
818 | fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); | 818 | fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); |
819 | fgets(input, sizeof input, stdin); | 819 | fgets(input, sizeof input, stdin); |
820 | reply[i].resp = xstrdup(input); | 820 | if ((reply[i].resp = strdup(input)) == NULL) |
821 | goto fail; | ||
821 | reply[i].resp_retcode = PAM_SUCCESS; | 822 | reply[i].resp_retcode = PAM_SUCCESS; |
822 | break; | 823 | break; |
823 | case PAM_ERROR_MSG: | 824 | case PAM_ERROR_MSG: |
@@ -1003,7 +1004,8 @@ sshpam_passwd_conv(int n, struct pam_message **msg, | |||
1003 | case PAM_PROMPT_ECHO_OFF: | 1004 | case PAM_PROMPT_ECHO_OFF: |
1004 | if (sshpam_password == NULL) | 1005 | if (sshpam_password == NULL) |
1005 | goto fail; | 1006 | goto fail; |
1006 | reply[i].resp = xstrdup(sshpam_password); | 1007 | if ((reply[i].resp = strdup(sshpam_password)) == NULL) |
1008 | goto fail; | ||
1007 | reply[i].resp_retcode = PAM_SUCCESS; | 1009 | reply[i].resp_retcode = PAM_SUCCESS; |
1008 | break; | 1010 | break; |
1009 | case PAM_ERROR_MSG: | 1011 | case PAM_ERROR_MSG: |
@@ -1014,7 +1016,8 @@ sshpam_passwd_conv(int n, struct pam_message **msg, | |||
1014 | PAM_MSG_MEMBER(msg, i, msg), len); | 1016 | PAM_MSG_MEMBER(msg, i, msg), len); |
1015 | buffer_append(&loginmsg, "\n", 1); | 1017 | buffer_append(&loginmsg, "\n", 1); |
1016 | } | 1018 | } |
1017 | reply[i].resp = xstrdup(""); | 1019 | if ((reply[i].resp = strdup("")) == NULL) |
1020 | goto fail; | ||
1018 | reply[i].resp_retcode = PAM_SUCCESS; | 1021 | reply[i].resp_retcode = PAM_SUCCESS; |
1019 | break; | 1022 | break; |
1020 | default: | 1023 | default: |