packages/sudo
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
sudo/backport-Fix-memory-leak-of-pass-in-converse.patch
modric 3213e9bd82 Backport patches from upstream community. 
(cherry picked from commit bef154bcfd83a54e15b044e24cedcecec44a1106)
2022-12-08 20:29:40 +08:00

23 lines
795 B
Diff
Raw Blame History

From f5cae905ca1a9f686f80aea45a34cea50fec0534 Mon Sep 17 00:00:00 2001
From: modric <pioneerbtw7@163.com>
Date: Thu, 17 Nov 2022 16:08:59 +0800
Subject: [PATCH] Fix memory leak of pass in converse().
---
plugins/sudoers/auth/pam.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/plugins/sudoers/auth/pam.c b/plugins/sudoers/auth/pam.c
index dee9ea2..e90a4a6 100644
--- a/plugins/sudoers/auth/pam.c
+++ b/plugins/sudoers/auth/pam.c
@@ -703,6 +703,8 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
"password longer than %d", PAM_MAX_RESP_SIZE);
ret = PAM_CONV_ERR;
memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
+ free(pass);
+ pass = NULL;
goto done;
}
reply[n].resp = pass; /* auth_getpass() malloc's a copy */
Reference in New Issue View Git Blame Copy Permalink