- (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function,
instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
diff --git a/auth-pam.c b/auth-pam.c
index 5f4200f..63515c3 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -47,7 +47,7 @@
/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
#include "includes.h"
-RCSID("$Id: auth-pam.c,v 1.111 2004/07/11 06:54:08 dtucker Exp $");
+RCSID("$Id: auth-pam.c,v 1.112 2004/07/18 23:39:11 djm Exp $");
#ifdef USE_PAM
#if defined(HAVE_SECURITY_PAM_APPL_H)
@@ -817,7 +817,8 @@
case PAM_PROMPT_ECHO_ON:
fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg));
fgets(input, sizeof input, stdin);
- reply[i].resp = xstrdup(input);
+ if ((reply[i].resp = strdup(input)) == NULL)
+ goto fail;
reply[i].resp_retcode = PAM_SUCCESS;
break;
case PAM_ERROR_MSG:
@@ -1003,7 +1004,8 @@
case PAM_PROMPT_ECHO_OFF:
if (sshpam_password == NULL)
goto fail;
- reply[i].resp = xstrdup(sshpam_password);
+ if ((reply[i].resp = strdup(sshpam_password)) == NULL)
+ goto fail;
reply[i].resp_retcode = PAM_SUCCESS;
break;
case PAM_ERROR_MSG:
@@ -1014,7 +1016,8 @@
PAM_MSG_MEMBER(msg, i, msg), len);
buffer_append(&loginmsg, "\n", 1);
}
- reply[i].resp = xstrdup("");
+ if ((reply[i].resp = strdup("")) == NULL)
+ goto fail;
reply[i].resp_retcode = PAM_SUCCESS;
break;
default: