[Pkg-shadow-commits] r2706 - in upstream/trunk: . src

Nicolas FRANÇOIS nekral-guest at alioth.debian.org
Fri Apr 17 20:40:26 UTC 2009


Author: nekral-guest
Date: 2009-04-17 20:40:26 +0000 (Fri, 17 Apr 2009)
New Revision: 2706

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/NEWS
   upstream/trunk/src/login.c
Log:
	* NEWS, src/login.c: Do not trust the current utmp entry's ut_line
	to set PAM_TTY.


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2009-04-15 23:36:17 UTC (rev 2705)
+++ upstream/trunk/ChangeLog	2009-04-17 20:40:26 UTC (rev 2706)
@@ -1,3 +1,8 @@
+2009-04-17  Paul Szabo  <psz at maths.usyd.edu.au>
+
+	* NEWS, src/login.c: Do not trust the current utmp entry's ut_line
+	to set PAM_TTY.
+
 2009-04-15  Nicolas François  <nicolas.francois at centraliens.net>
 
 	* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
@@ -4,14 +9,14 @@
 	* po/*.po, man/po/*.po: Updated PO files.
 	* configure.in: Updated version number.
 
-2009-04-15  Peter Vrabec <pvrabec at redhat.com>
+2009-04-15  Peter Vrabec  <pvrabec at redhat.com>
 
 	* NEWS, src/userdel.c: Fixed SE Linux support. semanage should be
 	called at the end.
 	* src/useradd.c: Always call selinux_update_mapping() (i.e.
 	semanage), not only when -Z is used.
 
-2009-04-15  Peter Vrabec <pvrabec at redhat.com>
+2009-04-15  Peter Vrabec  <pvrabec at redhat.com>
 
 	* NEWS, srclib/getlong.c: Fix parsing of octal numbers.
 

Modified: upstream/trunk/NEWS
===================================================================
--- upstream/trunk/NEWS	2009-04-15 23:36:17 UTC (rev 2705)
+++ upstream/trunk/NEWS	2009-04-17 20:40:26 UTC (rev 2706)
@@ -1,5 +1,11 @@
 $Id$
 
+shadow-4.1.3.1 -> shadow-4.1.3.2					UNRELEASED
+
+- login
+  * Do not trust the current utmp entry's ut_line to set PAM_TTY. This could
+    lead to DOS attacks.
+
 shadow-4.1.3 -> shadow-4.1.3.1						2009-04-15
 
 *** security:

Modified: upstream/trunk/src/login.c
===================================================================
--- upstream/trunk/src/login.c	2009-04-15 23:36:17 UTC (rev 2705)
+++ upstream/trunk/src/login.c	2009-04-17 20:40:26 UTC (rev 2706)
@@ -416,6 +416,7 @@
  */
 int main (int argc, char **argv)
 {
+	const char *tmptty;
 	char tty[BUFSIZ];
 
 #ifdef RLOGIN
@@ -479,7 +480,13 @@
 	 * entry (will not overwrite remote hostname).  --marekm
 	 */
 	checkutmp (!amroot);
-	STRFCPY (tty, utent.ut_line);
+
+	tmptty = ttyname (0);
+	if (NULL == tmptty) {
+		tmptty = "UNKNOWN";
+	}
+	STRFCPY (tty, tmptty);
+
 #ifndef USE_PAM
 	is_console = console (tty);
 #endif
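Review bot: `ttyname (0)` returns a full device path such as `/dev/tty1`, while the `utent.ut_line` value it replaces conventionally holds the line name without the `/dev/` prefix, so every later consumer of `tty` now sees a different string. In this diff that covers `console (tty)` in the non-PAM build just below and `dolastlog (&lastlog, &pwent, tty, hostname)` in the `@@ -1093` hunk. If those match against or store bare line names (their bodies are not visible here), root-console matching and the recorded lastlog line would change. Confirm which form each consumer expects and, where the bare name is needed, strip the prefix before the `STRFCPY`, e.g. `if (strncmp (tmptty, "/dev/", 5) == 0) { tmptty += 5; }`. The `"UNKNOWN"` fallback also deserves a one-line comment stating why login continues when stdin has no tty name; main's body starts and ends outside the hunk.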
@@ -1093,7 +1100,7 @@
 
 #ifndef USE_PAM			/* pam_lastlog handles this */
 	if (getdef_bool ("LASTLOG_ENAB")) {	/* give last login and log this one */
-		dolastlog (&lastlog, &pwent, utent.ut_line, hostname);
+		dolastlog (&lastlog, &pwent, tty, hostname);
 	}
 #endif
 
@@ -1147,7 +1154,7 @@
 	if (getppid() == 1) {
 		setsid();
 		if (ioctl(0, TIOCSCTTY, 1) != 0) {
-			fprintf (stderr,_("TIOCSCTTY failed on %s"),tty);
+			fprintf (stderr, _("TIOCSCTTY failed on %s"), tty);
 		}
 	}
 



