Fix CVE-2020-10595: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10595 Patch copied from upstream advisory: https://seclists.org/oss-sec/2020/q1/128 diff --git a/prompting.c b/prompting.c index e985d95..d81054f 100644 --- a/prompting.c +++ b/prompting.c @@ -314,26 +314,27 @@ pamk5_prompter_krb5(krb5_context context UNUSED, void *data, const char *name, /* * Reuse pam_prompts as a starting index and copy the data into the reply * area of the krb5_prompt structs. */ pam_prompts = 0; if (name != NULL && !args->silent) pam_prompts++; if (banner != NULL && !args->silent) pam_prompts++; for (i = 0; i < num_prompts; i++, pam_prompts++) { - size_t len; + size_t len, allowed; if (resp[pam_prompts].resp == NULL) goto cleanup; len = strlen(resp[pam_prompts].resp); - if (len > prompts[i].reply->length) + allowed = prompts[i].reply->length; + if (allowed == 0 || len > allowed - 1) goto cleanup; /* * The trailing nul is not included in length, but other applications * expect it to be there. Therefore, we copy one more byte than the * actual length of the password, but set length to just the length of * the password. */ memcpy(prompts[i].reply->data, resp[pam_prompts].resp, len + 1); prompts[i].reply->length = (unsigned int) len;
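Review bot: the new bounds check on prompts[i].reply->length has no comment saying that the length is treated here as the capacity of reply->data, while the comment just below it says the trailing nul "is not included in length"; a reader has to reconcile the two to see why the limit is allowed - 1. A short comment above the check, stating that the memcpy copies len + 1 bytes and so the response must be strictly shorter than the buffer, would make that explicit. The condition can also be written as `len >= allowed`, which is equivalent for size_t operands and covers the allowed == 0 case without a separate test. An over-long response now takes the same goto cleanup path as a NULL response, so it is worth confirming that this path returns an error the caller can tell apart from success.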
path: root/gnu/tests/networking.scm
Age | Commit message | Author
2023-05-14 | tests: dhcpd: Avoid race conditions.... | Ludovic Courtès
2023-05-11 | tests: openvswitch: Wait for 'openvswitch-configuration' to be up.... | Ludovic Courtès
2021-12-13 | tests: static-networking: Adjust to new style.... | Ludovic Courtès
2021-12-13 | Merge branch 'master' into core-updates-frozen | Ludovic Courtès
2021-12-12 | tests: Replace uses of deprecated 'static-networking-service'.... | Ludovic Courtès
2021-12-12 | services: static-networking: Change interface to mimic netlink.... | Ludovic Courtès
2021-12-12 | tests: openvswitch: Check whether ovs0 is up.... | Ludovic Courtès
2021-12-12 | tests: Add 'static-networking' test.... | Ludovic Courtès
2021-09-26 | tests: Reduce boilerplate for users of 'system-test-runner'.... | Ludovic Courtès
2021-09-25 | tests: Adjust to SRFI-64 as found in Guile 3.0.7.... | Ludovic Courtès
2021-04-12 | gnu: tests: Test basic functionality of the IPFS service.... | Maxime Devos