NetBSD Problem Report #44505
From mark@ecs.vuw.ac.nz Wed Feb 2 23:01:43 2011
Return-Path: <mark@ecs.vuw.ac.nz>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by www.NetBSD.org (Postfix) with ESMTP id B6C8D63B874
for <gnats-bugs@gnats.NetBSD.org>; Wed, 2 Feb 2011 23:01:43 +0000 (UTC)
Message-Id: <201102022301.p12N1bZu026670@city-art.ecs.vuw.ac.nz>
Date: Thu, 3 Feb 2011 12:01:37 +1300 (NZDT)
From: mark@ecs.vuw.ac.nz
Reply-To: mark@ecs.vuw.ac.nz
To: gnats-bugs@gnats.NetBSD.org
Subject: pam_exec fails to realloc enough space
X-Send-Pr-Version: 3.95
>Number: 44505
>Category: lib
>Synopsis: pam_exec fails to realloc enough space
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: lib-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Feb 02 23:05:00 +0000 2011
>Closed-Date: Thu Mar 10 19:57:30 +0000 2011
>Last-Modified: Thu Mar 10 19:57:30 +0000 2011
>Originator: Mark Davies
>Release: NetBSD 5.99.41
>Organization:
ECS, Victoria Uni. of Wellington, New Zealand.
>Environment:
System: NetBSD city-art.ecs.vuw.ac.nz 5.99.41 NetBSD 5.99.41 (ECS_WORKSTATION.nodrm) #0: Fri Dec 17 11:11:42 NZDT 2010 mark@turakirae.ecs.vuw.ac.nz:/local/SAVE/cur.obj/src/work/src/sys/arch/i386/compile/ECS_WORKSTATION.nodrm i386
Architecture: i386
Machine: i386
>Description:
when calculating the size to realloc the envlist its building
multiply the number of items by the size of a char *, not a char.
>How-To-Repeat:
inspection.
>Fix:
Apply FreeBSD's revision 1.5. While here also apply FreeBSD's
revision 1.6 -- childerr needs to be volatile so gcc won't
optimize it away.
Index: pam_exec.c
===================================================================
RCS file: /src/cvs/netbsd/src/lib/libpam/modules/pam_exec/pam_exec.c,v
retrieving revision 1.4
diff -u -r1.4 pam_exec.c
--- pam_exec.c 26 Feb 2005 22:45:52 -0000 1.4
+++ pam_exec.c 2 Feb 2011 22:49:56 -0000
@@ -70,8 +70,9 @@
_pam_exec(pam_handle_t *pamh __unused, int flags __unused,
int argc, const char *argv[])
{
- int childerr, envlen, i, nitems, pam_err, status;
+ int envlen, i, nitems, pam_err, status;
char **envlist, **tmp;
+ volatile int childerr;
pid_t pid;
if (argc < 1)
@@ -90,7 +91,7 @@
for (envlen = 0; envlist[envlen] != NULL; ++envlen)
/* nothing */ ;
nitems = sizeof(env_items) / sizeof(*env_items);
- tmp = realloc(envlist, (envlen + nitems + 1) * sizeof **envlist);
+ tmp = realloc(envlist, (envlen + nitems + 1) * sizeof(*envlist));
if (tmp == NULL) {
openpam_free_envlist(envlist);
return (PAM_BUF_ERR);
>Release-Note:
>Audit-Trail:
From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/44505 CVS commit: src/lib/libpam/modules/pam_exec
Date: Wed, 2 Feb 2011 21:06:00 -0500
Module Name: src
Committed By: christos
Date: Thu Feb 3 02:06:00 UTC 2011
Modified Files:
src/lib/libpam/modules/pam_exec: pam_exec.c
Log Message:
PR/44505: Mark Davies: pam_exec fails to realloc enough space, while
there add a volatile variable (From FreeBSD)
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/lib/libpam/modules/pam_exec/pam_exec.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: markd@NetBSD.org
State-Changed-When: Thu, 10 Mar 2011 19:57:30 +0000
State-Changed-Why:
christos applied this.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.