search

LinOTP / linotp-auth-pam

LinOTP PAM module
GNU General Public License v2.0
19 stars 17 forks source link

Custom prompt crashes pam #8

Open bastischubert opened 5 years ago

bastischubert commented 5 years ago

Hi,

we compiled the current HEAD and noticed that setting a custom prompt (prompt=2FA-Token:) the pam plugin crashes.

last famous words from strace:

[pid 3555] 10:44:40.730946 writev(2</dev/null>, [{" Error in `", 14}, {"sshd: adm [pam]", 15}, {"': ", 3}, {"free(): invalid pointer", 23}, {": 0x", 4}, {"000055e8ab1f6ecf", 16}, {" \n", 5}], 7) = 80 <0.000044> [pid 3555] 10:44:40.731118 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faf2ef24000 <0.000046>

@floh116 @cron2

beckerr-rzht commented 1 year ago

This patch should fix the "free(): invalid pointer" crash:

--- a/src/pam_linotp.c
+++ b/src/pam_linotp.c
@@ -784,7 +784,7 @@ int pam_linotp_get_config(int argc, const char *argv[], LinOTPConfig * config, i
                 log_error("Your prompt definition is to long: %s [%]", argv[i], RESMAXLEN);
                 return (PAM_AUTH_ERR);
             } else {
-                config->prompt = temp;
+                config->prompt = strdup(temp);
             }
         }
         else {