Package: libpam-ccreds / 10-8

PATCH-make-sure-we-don-t-overflow-the-data-buffer.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
From: Nicolas Boullis <nicolas.boullis@ecp.fr>
Date: Mon, 23 Mar 2009 10:46:44 +0100
Subject: [PATCH] make sure we don't overflow the data buffer

---
 cc_db.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cc_db.c b/cc_db.c
index c0e0488..9371c4d 100644
--- a/cc_db.c
+++ b/cc_db.c
@@ -199,7 +199,7 @@ int pam_cc_db_get(void *_db, const char *keyname, size_t keylength,
 		return (rc == DB_NOTFOUND) ? PAM_AUTHINFO_UNAVAIL : PAM_SERVICE_ERR;
 	}
 
-	if (val.size < *size) {
+	if (val.size > *size) {
 		return PAM_BUF_ERR;
 	}