96e5cda4e0
PAM module state (created in pam_sm_authenticate and referenced later in pam_sm_setcred and pam_sm_acct_mgmt). However, the krb5_ccache structure shares some data members with the krb5_context structure that was used in its creation. Since a new krb5_context is created and destroyed at each PAM entry point, this inevitably caused the krb5_ccache structure to reference free'd memory. Now instead of storing a pointer to the krb5_ccache structure, we store the name of the cache (e.g. `MEMORY:0x123CACHE') in pam_sm_authenticate, and resolve the name in the other entry points. This bug was uncovered by phkmalloc's free'd memory scrubbing. Approved by: re (jhb) |
||
---|---|---|
.. | ||
pam_deny | ||
pam_echo | ||
pam_exec | ||
pam_ftp | ||
pam_ftpusers | ||
pam_kerberosIV | ||
pam_krb5 | ||
pam_ksu | ||
pam_lastlog | ||
pam_login_access | ||
pam_nologin | ||
pam_opie | ||
pam_opieaccess | ||
pam_passwdqc | ||
pam_permit | ||
pam_radius | ||
pam_rhosts | ||
pam_rootok | ||
pam_securetty | ||
pam_self | ||
pam_ssh | ||
pam_tacplus | ||
pam_unix | ||
pam_wheel | ||
Makefile | ||
Makefile.inc | ||
modules.inc |