Right place for bug reports ?
Todd C. Miller
Todd.Miller at courtesan.com
Mon Jan 21 16:57:20 EST 2002
Older versions of pam follow a NULL pointer. The following
diffs works around this.
Index: auth/pam.c
===================================================================
RCS file: /home/cvs-sudo/sudo/auth/pam.c,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- auth/pam.c 20 Jan 2002 00:46:44 -0000 1.24
+++ auth/pam.c 20 Jan 2002 19:21:33 -0000 1.25
@@ -221,7 +221,9 @@
/* Read the password. */
pr->resp = estrdup((char *) tgetpass(p,
def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags));
- if (pr->resp == NULL || *pr->resp == '\0')
+ if (pr->resp == NULL)
+ pr->resp = "";
+ if (*pr->resp == '\0')
nil_pw = 1; /* empty password */
break;
case PAM_TEXT_INFO:
More information about the sudo-workers
mailing list