diff options
Diffstat (limited to 'mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch')
-rw-r--r-- | mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch b/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch new file mode 100644 index 000000000000..81863d340edb --- /dev/null +++ b/mail-mta/exim/files/exim-4.94-taint-pam-expansion.patch @@ -0,0 +1,35 @@ +From f7f933a199be8bb7362c715e0040545b514cddca Mon Sep 17 00:00:00 2001 +From: Jeremy Harris <jgh146exb@wizmail.org> +Date: Tue, 2 Jun 2020 14:50:31 +0100 +Subject: [PATCH] Taint: fix pam expansion condition. Bug 2587 + +--- + doc/doc-txt/ChangeLog | 5 +++++ + src/src/auths/call_pam.c | 5 ++--- + 2 files changed, 7 insertions(+), 3 deletions(-) + +modified for gentoo so the patch applies by dropping Changelog part + +diff --git a/src/src/auths/call_pam.c b/src/src/auths/call_pam.c +index 2959cbbf3..80bb23ec3 100644 +--- a/src/src/auths/call_pam.c ++++ b/src/src/auths/call_pam.c +@@ -83,8 +83,7 @@ for (int i = 0; i < num_msg; i++) + { + case PAM_PROMPT_ECHO_ON: + case PAM_PROMPT_ECHO_OFF: +- arg = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size); +- if (!arg) ++ if (!(arg = string_nextinlist(&pam_args, &sep, NULL, 0))) + { + arg = US""; + pam_arg_ended = TRUE; +@@ -155,7 +154,7 @@ pam_arg_ended = FALSE; + fail. PAM doesn't support authentication with an empty user (it prompts for it, + causing a potential mis-interpretation). */ + +-user = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size); ++user = string_nextinlist(&pam_args, &sep, NULL, 0); + if (user == NULL || user[0] == 0) return FAIL; + + /* Start off PAM interaction */ |