d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
10571c04c9
freebsd-nq/lib
History
Yan Ka Chiu 26db194f3d pam_exec: fix segfault when authtok is null 
According to pam_exec(8), the `expose_authtok` option should be ignored
when the service function is `pam_sm_setcred`. Currently `pam_exec` only
prevent prompt for anth token when `expose_authtok` is set on
`pam_sm_setcred`. This subsequently led to segfault when there isn't an
existing auth token available.

Bug reported on this: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263893

After reading https://reviews.freebsd.org/rS349556 I am not sure if the
default behaviour supposed to be simply not prompt for authentication
token, or is it to ignore the option entirely as stated in the man page.

This patch is therefore only adding an additional NULL check on the item
`pam_get_item` provide, and exit with `PAM_SYSTEM_ERR` when such item is
NULL.

Approved by:	so
Security:	FreeBSD-EN-22:19.pam_exec
MFC after:	1 week
Reviewed by:	des, khng
Differential Revision:	https://reviews.freebsd.org/D35169

(cherry picked from commit b75e0eed34)
(cherry picked from commit ea80848e1c)
2022-07-25 17:01:46 -04:00
..
atf Do not build libatf-c++ when WITHOUT_CXX 2021-11-29 10:10:53 -05:00
clang 13.1: update stable/13 to -PRERELEASE to start the release cycle 2022-02-23 23:21:49 -05:00
csu Update in preparation of 13.1-RELEASE 2022-05-11 19:59:24 -04:00
flua jail(3lua): add jail.attach()/jail.remove() methods 2021-10-06 02:13:27 -05:00
geom geom: Add HiFive boot partitions 2022-02-09 12:39:50 -05:00
googletest googletest: Silence warnings about deprecated implicit copy constructors 2021-08-29 12:29:21 +02:00
lib9p lib9p: fix building on systems without capser 2021-01-04 20:48:48 +01:00
lib80211 lib80211: Start adding 11ac ETSI bits to regdomain.xml 2021-07-18 00:34:57 +00:00
libalias Rename NO_WERROR -> MK_WERROR=no 2021-01-07 09:31:03 +00:00
libarchive libarchive: fix zstd compression support 2022-04-11 01:52:50 +02:00
libauditd libauditd: make it a PRIVATELIB 2020-04-19 02:20:39 +00:00
libbe bectl: push space-in-name check down into libbe 2022-04-06 09:32:51 -05:00
libbearssl Revert that! 2020-07-19 23:56:19 +00:00
libbegemot Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libblacklist Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libblocksruntime Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libbluetooth Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libbsdstat Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libbsm libbsm: fix some MLINKS 2020-04-19 02:18:40 +00:00
libbsnmp pkgbase: Put the mibs and defs in the bnsmp package 2021-06-30 09:24:33 +02:00
libbz2 Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libc time(3): Refine history in the manual page 2022-04-22 16:36:36 +02:00
libc_nonshared
libc++ Install unwind.h into /usr/include 2022-02-20 13:29:44 +01:00
libc++experimental Merge llvm-project release/13.x llvmorg-13.0.0-rc1-97-g23ba3732246a 2021-12-06 17:30:03 +01:00
libcalendar Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libcam cam_get_device: resolve path links before parsing device name 2022-02-16 09:52:53 +02:00
libcapsicum Add missing FreeBSD functions to -legacy when building on macOS/Linux 2020-08-25 13:23:31 +00:00
libcasper libcasper(3): Correct some warnings found by mandoc 2021-07-19 08:16:57 +02:00
libcbor Add libcbor to the build 2022-02-09 16:24:32 -05:00
libclang_rt riscv: fix riscv64sf build 2022-03-28 18:29:53 +02:00
libcom_err pkgbase: Create a FreeBSD-kerberos package 2022-01-05 18:23:50 +01:00
libcompat
libcompiler_rt Build compiler-rt against libunwind, not libcxxrt 2022-03-17 16:14:09 +01:00
libcrypt libcrypt: Drop inclusion of libutil.h 2022-01-24 23:59:19 +00:00
libcuse Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libcxxrt Sort SRCS in libcxxrt's Makefile, and use += to list sources 2022-01-27 19:58:33 +01:00
libdevctl Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libdevdctl Fix race in case of device destruction. 2021-04-27 08:47:39 -04:00
libdevinfo devinfo: add man page links 2020-08-04 21:09:36 +00:00
libdevstat Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libdl libc: include rtld.h into static implementations of rtld interface 2021-04-23 14:14:07 +03:00
libdpv Bump shared library versions after ncurses bump in 13. 2021-02-04 17:51:45 -08:00
libdwarf Apply only the libadd/libnames part of dbf05458e3 2021-12-13 22:23:44 +01:00
libedit sh(1): autocomplete commands 2021-05-05 13:04:57 +02:00
libefivar libefivar: Correct the string expression of UTF8 vendor device path 2022-03-09 13:52:22 -07:00
libelf libelf: Link gelf_getchdr.3 to the build 2021-12-06 09:04:03 -05:00
libelftc Update ELF Tool Chain to upstream r3769 2019-12-05 13:20:15 +00:00
libevent1 rename in-tree libevent v1 to libevent1 2020-05-28 22:05:50 +00:00
libexecinfo Move all sources from the llvm project into contrib/llvm-project. 2019-12-20 19:53:05 +00:00
libexpat MFS 26e8bb3: MFC cc68614, ac69e5d, 7ed8e14: Update contrib/expat to 2.4.7. 2022-03-31 23:28:18 -07:00
libfetch pkgbase: Create a FreeBSD-fetch package 2022-01-05 18:23:53 +01:00
libfido2 Add libfido2 to the build 2022-02-09 16:24:54 -05:00
libfigpar Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libgcc_eh Install unwind.h into /usr/include 2022-02-20 13:29:44 +01:00
libgcc_s libgcc_s: Export 64-bit int to 128-bit float functions 2021-10-10 14:36:52 +01:00
libgeom [skip ci] correct a few SPDX license tags 2021-07-27 11:57:17 -06:00
libgpio Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libgssapi Remove __NO_TLS. 2021-03-02 02:49:42 +02:00
libiconv_modules Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00
libifconfig libifconfig: Overhaul ifconfig_media_* interfaces 2021-03-19 09:00:19 -04:00
libipsec ipsec_set_policy(3): fix sentence 2021-08-13 12:34:42 +03:00
libipt Update Intel Processor Trace decoder library. 2019-10-10 12:46:34 +00:00
libjail libjail: Handle an error from reallocarray() when trimming the buffer. 2020-01-07 21:44:27 +00:00
libkiconv libkiconv: address memory leak in not-found cases 2021-04-27 20:10:12 -04:00
libkvm libkvm: fix kvm_walk_pages 2022-02-16 20:18:32 -05:00
libldns Update Makefile.depend files 2019-12-11 17:37:53 +00:00
liblua contrib/lua: update to 5.4.2 2021-01-13 23:56:18 -06:00
liblutok Add liblutok a lightweight C++ API for lua. 2020-03-23 18:26:23 +00:00
liblzma Convert libs with pc files to use PCFILES 2021-06-30 09:24:30 +02:00
libmagic file: Fix cross-compilation on Darwin/macOS 2022-01-25 00:05:17 +00:00
libmd Add accelerated arm64 sha512 to libmd 2021-12-29 10:06:00 +00:00
libmemstat sys/bitset.h: reduce visibility of BIT_* macros 2022-01-14 18:17:30 +02:00
libmilter Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libmp Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libmt mt(3): Fix a typo in the manual page 2022-04-15 15:28:34 +02:00
libnetbsd
libnetgraph Fix SYNPOSIS section to point to the proper include directive. 2020-05-15 12:04:39 +00:00
libnetmap libnetmap: reset errno in nmreq_register_decode() 2021-09-26 14:11:59 +00:00
libngatm Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libnv libpfct: Fix PIC flag 2021-05-07 10:15:43 +02:00
libomp Merge llvm-project release/13.x llvmorg-13.0.0-rc1-97-g23ba3732246a 2021-12-06 17:30:03 +01:00
libopenbsd Only set WARNS if not defined 2020-09-11 13:28:37 +00:00
libopencsd Update opencsd to 0.14.2 2020-06-17 10:42:20 +00:00
libopie Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libpam pam_exec: fix segfault when authtok is null 2022-07-25 17:01:46 -04:00
libpathconv Fix a few mandoc issues 2020-10-09 19:12:44 +00:00
libpcap MFV r353141 (by phillip): 2019-12-21 21:01:03 +00:00
libpe
libpfctl libpfctl: fix pfctl_kill_states() 2022-02-18 11:14:59 +01:00
libpjdlog pkgbase: Create a FreeBSD-utilities package and make it the default one 2019-09-05 14:15:47 +00:00
libpmc libpmc: Allow specifying explicit EVENT_xxH events on armv7 and arm64 2022-03-09 21:04:10 +00:00
libpmcstat pmcstat: fix PPC kernel symbol resolution 2020-11-05 16:47:23 +00:00
libproc Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00
libprocstat libprocstat kstack: fix race with thread creation 2022-03-02 15:56:30 -06:00
libradius libradius: fix no SSL build 2021-12-12 17:17:00 -05:00
libregex pkgbase: Put more binaries/lib in runtime 2022-01-05 18:23:51 +01:00
librpcsec_gss Fix a few mandoc issues 2020-10-09 19:12:44 +00:00
librpcsvc pkgbase: Put more binaries/lib in runtime 2022-01-05 18:23:51 +01:00
librss Update Makefile.depend files 2019-12-11 17:37:53 +00:00
librt pkgbase: Move librt to clibs 2021-06-30 09:24:31 +02:00
librtld_db librtld_db: Handle shlibs with discontiguous mappings. 2022-01-05 12:23:04 -05:00
libsbuf Do a sweep and remove most WARNS=6 settings 2020-10-01 01:10:51 +00:00
libsdp Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libsecureboot libsecureboot: define SOPEN_MAX 2021-09-03 23:45:16 +03:00
libsm Merge sendmail 8.16.1 to HEAD: See contrib/sendmail/RELEASE_NOTES for details 2020-07-15 18:28:54 +00:00
libsmb
libsmdb Merge sendmail 8.16.1 to HEAD: See contrib/sendmail/RELEASE_NOTES for details 2020-07-15 18:28:54 +00:00
libsmutil
libsqlite3 [PowerPC64LE] Pass our byte order to the sqlite3 build. 2020-09-23 02:17:44 +00:00
libssp libssp: don't compile with -fstack-protector* 2020-03-14 15:15:27 +00:00
libssp_nonshared Provide libssp based on libc 2020-01-04 20:19:25 +00:00
libstats Make use of the stats(3) framework in the TCP stack. 2019-12-02 20:58:04 +00:00
libstdbuf
libstdthreads Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libsysdecode fd: add close_range(..., CLOSE_RANGE_CLOEXEC) 2022-03-07 12:15:47 +00:00
libtacplus libtacplus: Remove bogus srandomdev+random 2019-12-13 05:11:34 +00:00
libtelnet
libthr libthr: Disable stack unwinding on ARM. 2022-02-20 13:29:59 +01:00
libthread_db Remove libthr, csu, libthread_db and testfloat sparc64 specific directories. 2020-02-27 04:44:58 +00:00
libucl Only set WARNS if not defined 2020-09-11 13:28:37 +00:00
libufs Update the libufs cgget() and cgput() interfaces to have a similar 2020-09-19 22:48:30 +00:00
libugidfw Deduplicate fsid comparisons 2020-05-21 01:55:35 +00:00
libulog Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libunbound MFV r361322: 2020-05-21 21:00:46 +00:00
libusb libusb(3): Ignore SIGPIPE when initializing the LibUSB v1.0 API. 2022-03-05 15:40:08 +01:00
libusbhid USB HID descriptors may push/pop the current state to allow 2020-06-05 07:57:16 +00:00
libutil libutil: add kinfo_getswapvmobject(3) 2021-11-01 02:44:51 +02:00
libveriexec Do not claim libbearssl et al are INTERNALLIB 2020-04-01 05:45:12 +00:00
libvgl Update Makefile.depend files 2019-12-11 17:37:53 +00:00
libvmmapi libvmmapi: Fix warnings and stop overridding WARNS 2021-08-02 15:01:02 -04:00
libwrap pkgbase: Put more binaries/lib in runtime 2022-01-05 18:23:51 +01:00
libxo pkgbase: Install libxo test files in the tests package 2021-01-04 16:20:26 +01:00
liby
libypclnt pkgbase: Put more binaries/lib in runtime 2022-01-05 18:23:51 +01:00
libz lib/libz: remove ZLIBprivate_1.0 namespace. 2022-04-04 16:02:13 -04:00
libzstd Disable clang 14 warning about bitwise operators in zstd 2022-02-11 17:42:30 +01:00
msun Remove set-but-unused variable from s_sincosl.c 2021-12-17 19:32:40 +01:00
ncurses Bump shared library versions after ncurses bump in 13. 2021-02-04 17:51:45 -08:00
ofed Remove remaining uses of ${COMPILER_FEATURES:Mc++11} 2021-01-19 21:37:36 +00:00
tests
Makefile riscv: actually enable sanitizers 2022-03-28 18:29:53 +02:00
Makefile.inc build: provide a default WARNS for all in-tree builds 2020-09-18 17:17:46 +00:00