diff options
| author | Walter de Jong <walter.dejong@surfsara.nl> | 2014-08-06 16:42:32 +0200 |
|---|---|---|
| committer | Walter de Jong <walter.dejong@surfsara.nl> | 2014-08-06 16:42:32 +0200 |
| commit | 662310ddb0a24af4fc7fc240d0664d1d5c42a19a (patch) | |
| tree | 15382dfb190ca68bcd2cda655bfe83fb5762c2d8 /src | |
| parent | 6599d28d9df0bf0739c2c66468216f3a60127b1b (diff) | |
| download | libpam-radius-auth-662310ddb0a24af4fc7fc240d0664d1d5c42a19a.tar.gz libpam-radius-auth-662310ddb0a24af4fc7fc240d0664d1d5c42a19a.zip | |
protect against buffer overflow
Diffstat (limited to 'src')
| -rw-r--r-- | src/pam_radius_auth.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/pam_radius_auth.c b/src/pam_radius_auth.c index 887ee1e..853b8a1 100644 --- a/src/pam_radius_auth.c +++ b/src/pam_radius_auth.c @@ -107,6 +107,12 @@ static int _pam_parse(int argc, CONST char **argv, radius_conf_t *conf) /* generic options */ if (!strncmp(*argv,"conf=",5)) { + /* protect against buffer overflow */ + if (strlen(*argv+5) >= sizeof(conf_file)) { + _pam_log(LOG_ERR, "conf= argument too long"); + conf_file[0] = 0; + return 0; + } strcpy(conf_file,*argv+5); } else if (!strcmp(*argv, "use_first_pass")) { |