svn commit: r314780 - head/lib/libpam/modules/pam_exec

Pedro F. Giffuni pfg at FreeBSD.org
Mon Mar 6 15:45:47 UTC 2017


Author: pfg
Date: Mon Mar  6 15:45:46 2017
New Revision: 314780
URL: https://svnweb.freebsd.org/changeset/base/314780

Log:
  libpam: extra bounds checking through reallocarray(3).
  
  Reviewed by:	des
  MFC after:	1 week

Modified:
  head/lib/libpam/modules/pam_exec/pam_exec.c

Modified: head/lib/libpam/modules/pam_exec/pam_exec.c
==============================================================================
--- head/lib/libpam/modules/pam_exec/pam_exec.c	Mon Mar  6 15:42:03 2017	(r314779)
+++ head/lib/libpam/modules/pam_exec/pam_exec.c	Mon Mar  6 15:45:46 2017	(r314780)
@@ -138,7 +138,7 @@ _pam_exec(pam_handle_t *pamh __unused,
 	nitems = sizeof(env_items) / sizeof(*env_items);
 	/* Count PAM return values put in the environment. */
 	nitems_rv = options->return_prog_exit_status ? PAM_RV_COUNT : 0;
-	tmp = realloc(envlist, (envlen + nitems + 1 + nitems_rv + 1) *
+	tmp = reallocarray(envlist, envlen + nitems + 1 + nitems_rv + 1,
 	    sizeof(*envlist));
 	if (tmp == NULL) {
 		openpam_free_envlist(envlist);


More information about the svn-src-all mailing list