mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-07 00:50:50 +00:00
Add minimal validation of the service name to fend off at least one
attack vector against applications that allow the applicant to specify which policy to apply. Submitted by: Matthias Drochner <drochner@netbsd.org> MFC after: 1 week
parent
214ca32f1f
commit
4125bad6b4
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=228384
|
@ -285,6 +285,13 @@ openpam_load_chain(pam_handle_t *pamh,
|
|||
size_t len;
|
||||
int r;
|
||||
|
||||
/* don't allow to escape from policy_path */
|
||||
if (strchr(service, '/')) {
|
||||
openpam_log(PAM_LOG_ERROR, "invalid service name: %s",
|
||||
service);
|
||||
return (-PAM_SYSTEM_ERR);
|
||||
}
|
||||
|
||||
for (path = openpam_policy_path; *path != NULL; ++path) {
|
||||
len = strlen(*path);
|
||||
if ((*path)[len - 1] == '/') {
|
||||
|
|
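Review bot: The new guard in openpam_load_chain() rejects only names that contain `/`, so an empty service name still passes and, for policy path entries ending in `/`, would presumably resolve to the directory itself; a tighter form is `if (*service == '\0' || strchr(service, '/') != NULL) {`. Since the description says the applicant may choose the name, an allowlist (letters, digits, `.`, `_`, `-`) would be more robust than denying one character, and it would also keep control characters out of the `openpam_log()` message that echoes the rejected name. The check assumes `service` is non-NULL, which cannot be confirmed here because the function body starts and ends outside the hunk. The comment could name the threat more precisely, e.g. `/* reject service names containing '/' so the lookup stays inside the policy_path entries */`.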