Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix pam_get_data stack overwrite by saving a heap pointer instead
The previous code was using a trick of saving the actual retval value as the "pointer". The problem with that was when pam_get_data copied it out it treated it as a void* which is 8 byte on 64 bit operating system which meant it copied 8 byte to a 4 byte location and overwrote the stack with 4 bytes. The fix is using a heap pointer instead, influenced by the official code in https://github.com/linux-pam/linux-pam/blob/master/modules/pam_unix/pam_unix_auth.c With feedback from pedro martelletto, thanks.
- Loading branch information