Module Name: src Committed By: shm Date: Sat Sep 30 18:06:24 UTC 2023
Modified Files: src/libexec/ftpd: ftpd.c Log Message: pam_set_item PAM_SOCKADDR expects sockaddr_storage structure Instead, internal struct sockinet was used. Because it's length is shorter than sockaddr_storage, libpam was copying also memory outside of sockinet struct. To generate a diff of this commit: cvs rdiff -u -r1.207 -r1.208 src/libexec/ftpd/ftpd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/libexec/ftpd/ftpd.c diff -u src/libexec/ftpd/ftpd.c:1.207 src/libexec/ftpd/ftpd.c:1.208 --- src/libexec/ftpd/ftpd.c:1.207 Sat Sep 2 12:16:29 2023 +++ src/libexec/ftpd/ftpd.c Sat Sep 30 18:06:24 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp $ */ +/* $NetBSD: ftpd.c,v 1.208 2023/09/30 18:06:24 shm Exp $ */ /* * Copyright (c) 1997-2023 The NetBSD Foundation, Inc. @@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19 #if 0 static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95"; #else -__RCSID("$NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp $"); +__RCSID("$NetBSD: ftpd.c,v 1.208 2023/09/30 18:06:24 shm Exp $"); #endif #endif /* not lint */ @@ -3896,6 +3896,7 @@ auth_pam(void) int e; ftpd_cred_t auth_cred = { curname, 0 }; struct pam_conv conv = { &auth_conv, &auth_cred }; + struct sockaddr_storage ss; e = pam_start("ftpd", curname, &conv, &pamh); if (e != PAM_SUCCESS) { @@ -3918,7 +3919,9 @@ auth_pam(void) return -1; } - e = pam_set_item(pamh, PAM_SOCKADDR, &his_addr); + memset(&ss, 0, sizeof(ss)); + memcpy(&ss, &his_addr.si_su, his_addr.su_len); + e = pam_set_item(pamh, PAM_SOCKADDR, &ss); if (e != PAM_SUCCESS) { syslog(LOG_ERR, "pam_set_item(PAM_SOCKADDR): %s", pam_strerror(pamh, e));