Module Name: src
Committed By: shm
Date: Sat Sep 30 18:06:24 UTC 2023
Modified Files:
src/libexec/ftpd: ftpd.c
Log Message:
pam_set_item PAM_SOCKADDR expects sockaddr_storage structure
Instead, internal struct sockinet was used. Because it's length is shorter
than sockaddr_storage, libpam was copying also memory outside of sockinet
struct.
To generate a diff of this commit:
cvs rdiff -u -r1.207 -r1.208 src/libexec/ftpd/ftpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/ftpd/ftpd.c
diff -u src/libexec/ftpd/ftpd.c:1.207 src/libexec/ftpd/ftpd.c:1.208
--- src/libexec/ftpd/ftpd.c:1.207 Sat Sep 2 12:16:29 2023
+++ src/libexec/ftpd/ftpd.c Sat Sep 30 18:06:24 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp $ */
+/* $NetBSD: ftpd.c,v 1.208 2023/09/30 18:06:24 shm Exp $ */
/*
* Copyright (c) 1997-2023 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@ __COPYRIGHT("@(#) Copyright (c) 1985, 19
#if 0
static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: ftpd.c,v 1.207 2023/09/02 12:16:29 lukem Exp $");
+__RCSID("$NetBSD: ftpd.c,v 1.208 2023/09/30 18:06:24 shm Exp $");
#endif
#endif /* not lint */
@@ -3896,6 +3896,7 @@ auth_pam(void)
int e;
ftpd_cred_t auth_cred = { curname, 0 };
struct pam_conv conv = { &auth_conv, &auth_cred };
+ struct sockaddr_storage ss;
e = pam_start("ftpd", curname, &conv, &pamh);
if (e != PAM_SUCCESS) {
@@ -3918,7 +3919,9 @@ auth_pam(void)
return -1;
}
- e = pam_set_item(pamh, PAM_SOCKADDR, &his_addr);
+ memset(&ss, 0, sizeof(ss));
+ memcpy(&ss, &his_addr.si_su, his_addr.su_len);
+ e = pam_set_item(pamh, PAM_SOCKADDR, &ss);
if (e != PAM_SUCCESS) {
syslog(LOG_ERR, "pam_set_item(PAM_SOCKADDR): %s",
pam_strerror(pamh, e));
