Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

pam: return error when PAM info item is unset #96

Merged
merged 1 commit into from
Apr 19, 2018
Merged

pam: return error when PAM info item is unset #96

merged 1 commit into from
Apr 19, 2018

Conversation

ebiggers
Copy link
Collaborator

pam_fscrypt is crashing with a segfault in copyIntoSecret() when using
Ctrl-C to interrupt a 'sudo' prompt. It is dereferencing a NULL pointer
that is supposed point to the PAM_AUTHTOK item. The problem is that the
Go code assumes pam_get_item() returns a non-success status if the item
is unset, when actually it sets the data pointer to NULL and returns
PAM_SUCCESS.

Fix it by making pam.Handle.GetItem() return an error in that case.

pam_fscrypt is crashing with a segfault in copyIntoSecret() when using
Ctrl-C to interrupt a 'sudo' prompt.  It is dereferencing a NULL pointer
that is supposed point to the PAM_AUTHTOK item.  The problem is that the
Go code assumes pam_get_item() returns a non-success status if the item
is unset, when actually it sets the data pointer to NULL and returns
PAM_SUCCESS.

Fix it by making pam.Handle.GetItem() return an error in that case.
@josephlr josephlr merged commit 6c4ba88 into google:master Apr 19, 2018
@ebiggers ebiggers deleted the unset_item_fix branch August 22, 2018 16:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants