MDEV-8673 - [PATCH] Missing Sanity Check for strndup() in MariaDB 10.0.2x

svoj · svoj · commit c69cf93bfb3a · 2015-09-16T17:24:34.000+04:00
Contributed by Bill Parker.

Added check for strndup() return value.
diff --git a/plugin/auth_pam/auth_pam.c b/plugin/auth_pam/auth_pam.c
@@ -98,7 +98,8 @@ static int conv(int n, const struct pam_message **msg,
       if (pkt_len < 0)
         return PAM_CONV_ERR;
       /* allocate and copy the reply to the response array */
-      (*resp)[i].resp = strndup((char*)pkt, pkt_len);
+      if (!((*resp)[i].resp= strndup((char*) pkt, pkt_len)))
+        return PAM_CONV_ERR;
       param->ptr = param->buf + 1;
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -98,7 +98,8 @@ static int conv(int n, const struct pam_message **msg,`
`98`	`98`	`if (pkt_len < 0)`
`99`	`99`	`return PAM_CONV_ERR;`
`100`	`100`	`/* allocate and copy the reply to the response array */`
`101`		`- (resp)[i].resp = strndup((char)pkt, pkt_len);`
	`101`	`+ if (!((resp)[i].resp= strndup((char) pkt, pkt_len)))`
	`102`	`+ return PAM_CONV_ERR;`
`102`	`103`	`param->ptr = param->buf + 1;`
`103`	`104`	`}`
`104`	`105`	`}`