nuvious / pam-duress

A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc. if a user is coerced into giving a threat actor a password.
GNU Lesser General Public License v3.0

Add fallback size on _SC_GETPW_R_SIZE_MAX #44

Closed Artoria2e5 closed 3 months ago

Artoria2e5 commented 1 year ago

sysconf(_SC_GETPW_R_SIZE_MAX) is allowed by POSIX to return -1 on success if the limit is unbounded. Direct conversion to size_t would result in an extremely large, unallocatable size and a UB at the same time. Let's just use a sensible default instead.

The changed code still has a potential UB if for some reason long is larger than SIZE_MAX. Not that I'm aware of any such architecture.

sizeof(char) is pretty useless but also harmless, so I didn't touch it.

Should fix #7.

Artoria2e5 commented 1 year ago

Oh no, the getpwnam_r error handling is also incomplete per man page.

Well it does catch all possible errors; it's just there is a wasted error code.
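The two points raised in the comments above (the -1 return from sysconf and the getpwnam_r return codes), shown as an added example that is not the PR's diff or pam-duress's own code. The names `pw_buf_size` and `lookup_home`, the 1024-byte default and the 1 MiB ceiling are assumptions chosen for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pwd.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define PW_BUF_FALLBACK 1024u       /* assumed default, not a value from the PR */
#define PW_BUF_CEILING  (1u << 20)  /* assumed upper bound on the scratch buffer */

/* Turn a sysconf(_SC_GETPW_R_SIZE_MAX) result into a usable size.
 * -1 means "no fixed limit" (or unsupported); casting it straight to
 * size_t would request an enormous allocation. */
size_t pw_buf_size(long reported)
{
    if (reported <= 0)
        return PW_BUF_FALLBACK;
    if ((unsigned long)reported > PW_BUF_CEILING)
        return PW_BUF_CEILING;      /* also keeps the value well below SIZE_MAX */
    return (size_t)reported;
}

/* Returns 0 and a malloc'd copy of the home directory in *home_out,
 * ENOENT when the user does not exist, or the error from getpwnam_r. */
int lookup_home(const char *user, char **home_out)
{
    size_t len = pw_buf_size(sysconf(_SC_GETPW_R_SIZE_MAX));
    struct passwd pw, *res = NULL;
    char *buf = NULL;
    int rc;

    *home_out = NULL;
    for (;;) {
        char *tmp = realloc(buf, len);
        if (tmp == NULL) { free(buf); return ENOMEM; }
        buf = tmp;
        rc = getpwnam_r(user, &pw, buf, len, &res);
        if (rc != ERANGE || len >= PW_BUF_CEILING)
            break;                  /* done, or refusing to grow further */
        len *= 2;                   /* the size is only a hint: grow and retry */
    }
    if (rc == 0 && res == NULL)
        rc = ENOENT;                /* 0 with a NULL result means "not found" */
    if (rc == 0 && (*home_out = strdup(res->pw_dir)) == NULL)
        rc = ENOMEM;
    free(buf);
    return rc;
}
```

The caller frees `*home_out` on success; any nonzero return leaves it NULL, so a failed lookup cannot be mistaken for a valid home directory.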

Artoria2e5 commented 1 year ago

Unfunny aside: gcc somehow emits 2 strlen calls on home_dir. Dumbass!

nuvious commented 1 year ago

Re-opened #7 and will take a look at this over the weekend. Thanks for your contribution @Artoria2e5 and sorry if you got email notification spam from me commenting already. Was trying to find the issue you were re-opening and didn't see you had explicitly mentioned it in this PR already.

nuvious commented 3 months ago

Sorry, this took so long but have tested and reviewed all your changes today. Appreciate your attention to detail, time and contribution @Artoria2e5!