| commit | 773a7b98f9d4e0767dfdd270a339e9f31ca4edea | [log] [tgz] |
|---|---|---|
| author | Damien Miller <djm@mindrot.org> | Wed Jul 09 20:54:05 2008 +1000 |
| committer | Damien Miller <djm@mindrot.org> | Wed Jul 09 20:54:05 2008 +1000 |
| tree | a05f6443bb1691edc6140d65af6b0db73c89ccc6 | |
| parent | d9648eee7cacf633c79ad0f50d7e3215200d2920 [diff] [blame] |
- (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM account check failure path. The vulnerable format buffer is supplied from PAM and should not contain attacker-supplied data.
diff --git a/auth1.c b/auth1.c index 834ef04..b8a2558 100644 --- a/auth1.c +++ b/auth1.c
@@ -354,7 +354,7 @@ msg[len] = '\0'; else msg = "Access denied."; - packet_disconnect(msg); + packet_disconnect("%s", msg); } #endif