git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Taint: fix pam expansion condition. Bug 2587
[exim.git]
/
src
/
src
/
auths
/
call_pam.c
diff --git
a/src/src/auths/call_pam.c
b/src/src/auths/call_pam.c
index 2959cbbf382d0c84927933f8c35b885751f942bc..80bb23ec396759226b445759b4b639b4b2b8211d 100644
(file)
--- a/
src/src/auths/call_pam.c
+++ b/
src/src/auths/call_pam.c
@@
-83,8
+83,7
@@
for (int i = 0; i < num_msg; i++)
{
case PAM_PROMPT_ECHO_ON:
case PAM_PROMPT_ECHO_OFF:
{
case PAM_PROMPT_ECHO_ON:
case PAM_PROMPT_ECHO_OFF:
- arg = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size);
- if (!arg)
+ if (!(arg = string_nextinlist(&pam_args, &sep, NULL, 0)))
{
arg = US"";
pam_arg_ended = TRUE;
{
arg = US"";
pam_arg_ended = TRUE;
@@
-155,7
+154,7
@@
pam_arg_ended = FALSE;
fail. PAM doesn't support authentication with an empty user (it prompts for it,
causing a potential mis-interpretation). */
fail. PAM doesn't support authentication with an empty user (it prompts for it,
causing a potential mis-interpretation). */
-user = string_nextinlist(&pam_args, &sep,
big_buffer, big_buffer_size
);
+user = string_nextinlist(&pam_args, &sep,
NULL, 0
);
if (user == NULL || user[0] == 0) return FAIL;
/* Start off PAM interaction */
if (user == NULL || user[0] == 0) return FAIL;
/* Start off PAM interaction */