diff options
| author |   millert <millert@openbsd.org> | 2021-01-02 20:32:20 +0000 |
|---|---|---|
| committer | millert <millert@openbsd.org> | 2021-01-02 20:32:20 +0000 |
| commit | 07817e4bdc8b6868189ab279749fa0d1c77e97fb (patch) | |
| tree | e4d4b7af2c325ba352ce7294f353e88da1600beb /libexec | |
| parent | Import libc++abi 10.0.1 release. (diff) | |
| download | wireguard-openbsd-07817e4bdc8b6868189ab279749fa0d1c77e97fb.tar.xz wireguard-openbsd-07817e4bdc8b6868189ab279749fa0d1c77e97fb.zip | |
Check auth_mkvalue(3) return value for NULL (malloc failure).
For constant strings we don't actually need to use auth_mkvalue(3).
Problem reported by Ross L Richardson.
Diffstat (limited to 'libexec')
| -rw-r--r-- | libexec/login_passwd/login_passwd.c | 5 | ||||
| -rw-r--r-- | libexec/login_radius/login_radius.c | 32 | ||||
| -rw-r--r-- | libexec/login_skey/login_skey.c | 12 | ||||
| -rw-r--r-- | libexec/login_token/login_token.c | 12 |
4 files changed, 41 insertions, 20 deletions
diff --git a/libexec/login_passwd/login_passwd.c b/libexec/login_passwd/login_passwd.c index 92790494489..df83a825d76 100644 --- a/libexec/login_passwd/login_passwd.c +++ b/libexec/login_passwd/login_passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_passwd.c,v 1.18 2020/05/15 17:25:39 millert Exp $ */ +/* $OpenBSD: login_passwd.c,v 1.19 2021/01/02 20:32:20 millert Exp $ */ /*- * Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved. @@ -49,7 +49,6 @@ #include <util.h> #include <login_cap.h> -#include <bsd_auth.h> int main(int argc, char *argv[]) @@ -121,7 +120,7 @@ main(int argc, char *argv[]) } if (wheel != NULL && strcmp(wheel, "yes") != 0) { fprintf(back, BI_VALUE " errormsg %s\n", - auth_mkvalue("you are not in group wheel")); + "you are not in group wheel"); fprintf(back, BI_REJECT "\n"); exit(1); } diff --git a/libexec/login_radius/login_radius.c b/libexec/login_radius/login_radius.c index 9b00f973133..6e38ba7c138 100644 --- a/libexec/login_radius/login_radius.c +++ b/libexec/login_radius/login_radius.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_radius.c,v 1.9 2017/04/27 20:55:52 millert Exp $ */ +/* $OpenBSD: login_radius.c,v 1.10 2021/01/02 20:32:20 millert Exp $ */ /*- * Copyright (c) 1996, 1997 Berkeley Software Design, Inc. All rights reserved. @@ -183,19 +183,29 @@ main(int argc, char **argv) strcmp(service, "login") ? challenge : NULL, password, &emsg); if (c == 0) { - if (*challenge == '\0') + if (*challenge == '\0') { (void)fprintf(back, BI_AUTH "\n"); - else { - (void)fprintf(back, BI_VALUE " challenge %s\n", - auth_mkvalue(challenge)); - (void)fprintf(back, BI_CHALLENGE "\n"); + exit(0); + } else { + char *val = auth_mkvalue(challenge); + if (val != NULL) { + (void)fprintf(back, BI_VALUE " challenge %s\n", + val); + (void)fprintf(back, BI_CHALLENGE "\n"); + exit(0); + } + emsg = "unable to allocate memory"; + } + } + if (emsg != NULL) { + if (strcmp(service, "login") == 0) { + (void)fprintf(stderr, "%s\n", emsg); + } else { + emsg = auth_mkvalue(emsg); + (void)fprintf(back, BI_VALUE " errormsg %s\n", + emsg ? emsg : "unable to allocate memory"); } - exit(0); } - if (emsg && strcmp(service, "login") == 0) - (void)fprintf(stderr, "%s\n", emsg); - else if (emsg) - (void)fprintf(back, "value errormsg %s\n", auth_mkvalue(emsg)); if (strcmp(service, "challenge") == 0) { (void)fprintf(back, BI_SILENT "\n"); exit(0); diff --git a/libexec/login_skey/login_skey.c b/libexec/login_skey/login_skey.c index 11a3bae3503..f57f76ebc73 100644 --- a/libexec/login_skey/login_skey.c +++ b/libexec/login_skey/login_skey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_skey.c,v 1.28 2019/06/28 13:32:53 deraadt Exp $ */ +/* $OpenBSD: login_skey.c,v 1.29 2021/01/02 20:32:20 millert Exp $ */ /* * Copyright (c) 2000, 2001, 2004 Todd C. Miller <millert@openbsd.org> @@ -157,8 +157,14 @@ main(int argc, char *argv[]) case MODE_CHALLENGE: haskey = (skeychallenge2(fd, &skey, user, challenge) == 0); strlcat(challenge, "\nS/Key Password:", sizeof(challenge)); - fprintf(back, BI_VALUE " challenge %s\n", - auth_mkvalue(challenge)); + cp = auth_mkvalue(challenge); + if (cp == NULL) { + (void)fprintf(back, BI_VALUE " errormsg %s\n", + "unable to allocate memory"); + (void)fprintf(back, BI_REJECT "\n"); + exit(1); + } + fprintf(back, BI_VALUE " challenge %s\n", cp); fprintf(back, BI_CHALLENGE "\n"); if (haskey) { fprintf(back, BI_FDPASS "\n"); diff --git a/libexec/login_token/login_token.c b/libexec/login_token/login_token.c index 0ee7d2cdda4..6f11b54f6cd 100644 --- a/libexec/login_token/login_token.c +++ b/libexec/login_token/login_token.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_token.c,v 1.16 2019/06/28 13:32:53 deraadt Exp $ */ +/* $OpenBSD: login_token.c,v 1.17 2021/01/02 20:32:20 millert Exp $ */ /*- * Copyright (c) 1995, 1996 Berkeley Software Design, Inc. All rights reserved. @@ -152,8 +152,14 @@ main(int argc, char *argv[]) tt->proper); (void)sigprocmask(SIG_UNBLOCK, &blockset, NULL); if (mode == 1) { - fprintf(back, BI_VALUE " challenge %s\n", - auth_mkvalue(challenge)); + char *val = auth_mkvalue(challenge); + if (val == NULL) { + (void)fprintf(back, BI_VALUE " errormsg %s\n", + "unable to allocate memory"); + (void)fprintf(back, BI_REJECT "\n"); + exit(1); + } + fprintf(back, BI_VALUE " challenge %s\n", val); fprintf(back, BI_CHALLENGE "\n"); exit(0); } |