rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-07 18:54:20 +01:00
Code Issues Projects Releases Wiki Activity

Limit action length when parsing arguments

Browse Source 
This limits the allowable action length when arguments are parsed to
ACTION_MAX_LEN, since this might be exploited otherwise.
This commit is contained in:
Karol Babioch 2018-05-04 17:01:38 +02:00
parent 89c1622ba2
commit c32ddd9665
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ykpamcfg.c
View File

@ -105,7 +105,10 @@ parse_args(int argc, char **argv,
*slot = 2; *slot = 2;
break; break;
case 'A': case 'A':
snprintf(*action, ACTION_MAX_LEN, "%s", optarg); if (snprintf(*action, ACTION_MAX_LEN, "%s", optarg) >= ACTION_MAX_LEN) {
fprintf(stderr, "action too long: %s\n", optarg);
exit(1);
}
break; break;
case 'p': case 'p':
*output_dir = optarg; *output_dir = optarg;