package/linux-pam/0003-Replace-strndupa-with-strncpy.patch - buildroot - Git at Google

 From 91d4678388b2a7d768ee2ec8cc569e11fc223ffd Mon Sep 17 00:00:00 2001
 From: Rosen Penev <rosenp@gmail.com>
 Date: Sun, 15 Jul 2018 20:43:44 -0700
 Subject: [PATCH] Replace strndupa with strncpy

 glibc only. A static string is better.

 Signed-off-by: Rosen Penev <rosenp@gmail.com>
 [Retrieved from:
 https://github.com/linux-pam/linux-pam/commit/91d4678388b2a7d768ee2ec8cc569e11fc223ffd]
 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 ---
  modules/pam_exec/pam_exec.c | 31 +++++++++++--------------------
  1 file changed, 11 insertions(+), 20 deletions(-)

 diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
 index 52dc6818..6cad16e4 100644
 --- a/modules/pam_exec/pam_exec.c
 +++ b/modules/pam_exec/pam_exec.c
 @@ -102,7 +102,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
    int use_stdout = 0;
    int optargc;
    const char *logfile = NULL;
 -  const char *authtok = NULL;
 +  char authtok[PAM_MAX_RESP_SIZE] = {};
    pid_t pid;
    int fds[2];
    int stdout_fds[2];
 @@ -180,12 +180,12 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
  	      if (resp)
  		{
  		  pam_set_item (pamh, PAM_AUTHTOK, resp);
 -		  authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
 +		  strncpy (authtok, resp, sizeof(authtok) - 1);
  		  _pam_drop (resp);
  		}
  	    }
  	  else
 -	    authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
 +	    strncpy (authtok, void_pass, sizeof(authtok) - 1);

  	  if (pipe(fds) != 0)
  	    {
 @@ -225,23 +225,14 @@ call_exec (const char *pam_type, pam_handle_t *pamh,

        if (expose_authtok) /* send the password to the child */
  	{
 -	  if (authtok != NULL)
 -	    {            /* send the password to the child */
 -	      if (debug)
 -		pam_syslog (pamh, LOG_DEBUG, "send password to child");
 -	      if (write(fds[1], authtok, strlen(authtok)+1) == -1)
 -		pam_syslog (pamh, LOG_ERR,
 -			    "sending password to child failed: %m");
 -	      authtok = NULL;
 -	    }
 -	  else
 -	    {
 -	      if (write(fds[1], "", 1) == -1)   /* blank password */
 -		pam_syslog (pamh, LOG_ERR,
 -			    "sending password to child failed: %m");
 -	    }
 -        close(fds[0]);       /* close here to avoid possible SIGPIPE above */
 -        close(fds[1]);
 +	  if (debug)
 +	    pam_syslog (pamh, LOG_DEBUG, "send password to child");
 +	  if (write(fds[1], authtok, strlen(authtok)) == -1)
 +	    pam_syslog (pamh, LOG_ERR,
 +			      "sending password to child failed: %m");
 +
 +          close(fds[0]);       /* close here to avoid possible SIGPIPE above */
 +          close(fds[1]);
  	}

        if (use_stdout)
	From 91d4678388b2a7d768ee2ec8cc569e11fc223ffd Mon Sep 17 00:00:00 2001
	From: Rosen Penev <rosenp@gmail.com>
	Date: Sun, 15 Jul 2018 20:43:44 -0700
	Subject: [PATCH] Replace strndupa with strncpy

	glibc only. A static string is better.

	Signed-off-by: Rosen Penev <rosenp@gmail.com>
	[Retrieved from:
	https://github.com/linux-pam/linux-pam/commit/91d4678388b2a7d768ee2ec8cc569e11fc223ffd]
	Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
	---
	modules/pam_exec/pam_exec.c \| 31 +++++++++++--------------------
	1 file changed, 11 insertions(+), 20 deletions(-)

	diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
	index 52dc6818..6cad16e4 100644
	--- a/modules/pam_exec/pam_exec.c
	+++ b/modules/pam_exec/pam_exec.c
	@@ -102,7 +102,7 @@ call_exec (const char pam_type, pam_handle_t pamh,
	int use_stdout = 0;
	int optargc;
	const char *logfile = NULL;
	- const char *authtok = NULL;
	+ char authtok[PAM_MAX_RESP_SIZE] = {};
	pid_t pid;
	int fds[2];
	int stdout_fds[2];
	@@ -180,12 +180,12 @@ call_exec (const char pam_type, pam_handle_t pamh,
	if (resp)
	{
	pam_set_item (pamh, PAM_AUTHTOK, resp);
	- authtok = strndupa (resp, PAM_MAX_RESP_SIZE);
	+ strncpy (authtok, resp, sizeof(authtok) - 1);
	_pam_drop (resp);
	}
	}
	else
	- authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE);
	+ strncpy (authtok, void_pass, sizeof(authtok) - 1);

	if (pipe(fds) != 0)
	{
	@@ -225,23 +225,14 @@ call_exec (const char pam_type, pam_handle_t pamh,

	if (expose_authtok) /* send the password to the child */
	{
	- if (authtok != NULL)
	- { /* send the password to the child */
	- if (debug)
	- pam_syslog (pamh, LOG_DEBUG, "send password to child");
	- if (write(fds[1], authtok, strlen(authtok)+1) == -1)
	- pam_syslog (pamh, LOG_ERR,
	- "sending password to child failed: %m");
	- authtok = NULL;
	- }
	- else
	- {
	- if (write(fds[1], "", 1) == -1) /* blank password */
	- pam_syslog (pamh, LOG_ERR,
	- "sending password to child failed: %m");
	- }
	- close(fds[0]); /* close here to avoid possible SIGPIPE above */
	- close(fds[1]);
	+ if (debug)
	+ pam_syslog (pamh, LOG_DEBUG, "send password to child");
	+ if (write(fds[1], authtok, strlen(authtok)) == -1)
	+ pam_syslog (pamh, LOG_ERR,
	+ "sending password to child failed: %m");
	+
	+ close(fds[0]); /* close here to avoid possible SIGPIPE above */
	+ close(fds[1]);
	}

	if (use_stdout)