svn commit: r272281 - head/lib/libpam/modules/pam_login_access
Bruce Evans
brde at optusnet.com.au
Mon Sep 29 14:24:31 UTC 2014
On Mon, 29 Sep 2014, Bjoern A. Zeeb wrote:
>
> On 29 Sep 2014, at 11:10 , Dimitry Andric <dim at FreeBSD.org> wrote:
>
>> On 29 Sep 2014, at 12:36, Bjoern A. Zeeb <bz at FreeBSD.org> wrote:
>>> ...
>>> Log:
>>> Hopefully fix build breakage with gcc passing void * instead of char *
>>> to "%s" format string after r272280.
>>>
>>> Modified: head/lib/libpam/modules/pam_login_access/pam_login_access.c
>>> ==============================================================================
>>> --- head/lib/libpam/modules/pam_login_access/pam_login_access.c Mon Sep 29 08:57:36 2014 (r272280)
>>> +++ head/lib/libpam/modules/pam_login_access/pam_login_access.c Mon Sep 29 10:36:14 2014 (r272281)
>>> @@ -94,7 +94,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int
>>> PAM_VERBOSE_ERROR("%s is not allowed to log in on %s",
>>> user, tty);
>>> } else {
>>> - PAM_LOG("Checking login.access for user %s", user);
>>> + PAM_LOG("Checking login.access for user %s",
>>> + (const char *)user);
>>> if (login_access(user, "***unknown***") != 0)
>>> return (PAM_SUCCESS);
>>> PAM_VERBOSE_ERROR("%s is not allowed to log in", user);
>>>
>>
>> Just a few lines after the one you fixed it accesses the same variable
>> again. Why doesn't it warn there? And why is 'user' not a char * to
>> begin with? :)
>
> For the latter ask des.
>
> the PAM_VERBOSE_ERROR goes into a function which (if remembering correctly) does the va_start and asprintf rather than just being a macro to printf. The arguments are not casted anywhere to that macro but I am, again, sure des will have an opinion on it;-)
Just another bug. PAM_LOG() expands to a call to a function that is
declared as __printflike() (but with a worse spelling).
PAM_VERBOSE_ERROR() expands to a call to a function that is missing
this declaration.
Other bugs in PAM_VERBOSE_ERROR()'s function include not checking if
asprintf() succeeded. malloc() failures can't happen, but it is bad
to do dynamic allocation in an error-reporting routine. All uses of
PAM_VERBOSE_ERROR() except 2 visible in the patch use a format with no
args, so there aren't many print format errors to fix. asprintf()
is a heavyweight method for constructing a format for printing these
args (and some others that are automatically added).
Bruce
More information about the svn-src-all
mailing list