[Bug 255420] pam_exec expose_auth_tok segfaults
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Apr 26 13:28:17 UTC 2021
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255420
Bug ID: 255420
Summary: pam_exec expose_auth_tok segfaults
Product: Base System
Version: 13.0-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: misc
Assignee: bugs at FreeBSD.org
Reporter: divVerent at gmail.com
Repro: add to a /etc/pam.d/login:
auth optional pam_exec.so expose_authtok -- /bin/sh -c 'cat > /dev/null'
Result: can no longer login; login will segfault in a strlen(...) + 1 call.
Debugging further yields that this happens in the _second_ call to pam_exec,
namely, pam_sm_setcred. pam_exec there queries the auth token but seems to be
getting NULL back.
Suggesting "somehow" handling the case of the pam_get_item(PAM_AUTHTOK) being
NULL.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list