Rewrites: fix delivery crash from constant errors_to. Bug 3081

[exim.git] / src / src / auths / call_pam.c

diff --git a/src/src/auths/call_pam.c b/src/src/auths/call_pam.c
index c96e146d15fae7bf6f3e3391d62b7d88dec312cc..3ff15711d21320f8c7e19dc5b286951d770b2dd5 100644 (file)
--- a/src/src/auths/call_pam.c
+++ b/src/src/auths/call_pam.c
@@ -3,7 +3,9 @@
 *************************************************/
 
 /* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 - 2021 */
 /* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
 
 #include "../exim.h"
 
@@ -82,13 +84,12 @@ for (int i = 0; i < num_msg; i++)
     {
     case PAM_PROMPT_ECHO_ON:
     case PAM_PROMPT_ECHO_OFF:
-      arg = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size);
-      if (!arg)
+      if (!(arg = string_nextinlist(&pam_args, &sep, NULL, 0)))
        {
        arg = US"";
        pam_arg_ended = TRUE;
        }
-      reply[i].resp = CS string_copy_malloc(arg); /* PAM frees resp */
+      reply[i].resp = strdup(CCS arg); /* Use libc malloc, PAM frees resp directly*/
       reply[i].resp_retcode = PAM_SUCCESS;
       break;
 
@@ -154,7 +155,7 @@ pam_arg_ended = FALSE;
 fail. PAM doesn't support authentication with an empty user (it prompts for it,
 causing a potential mis-interpretation). */
 
-user = string_nextinlist(&pam_args, &sep, big_buffer, big_buffer_size);
+user = string_nextinlist(&pam_args, &sep, NULL, 0);
 if (user == NULL || user[0] == 0) return FAIL;
 
 /* Start off PAM interaction */