Validate the service name, closing an attack vector for programs like

kcheckpass that let the user specify which policy to apply. See <URL:http://c-skills.blogspot.com/2011/11/openpam-trickery.html>. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@497 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2011-11-21 16:25:49 +00:00 · 2011-11-21 16:25:49 +00:00 · b9f0b632da
parent 026c898ec5
commit b9f0b632da
1 changed files with 5 additions and 0 deletions
--- a/lib/openpam_configure.c
+++ b/lib/openpam_configure.c
@ -556,6 +556,11 @@ openpam_configure(pam_handle_t *pamh,
 	const char *service)
 {
 	pam_facility_t fclt;
+	const char *p;
+
+	for (p = service; *p; ++p)
+		if (!is_pfcs(*p))
+			return (PAM_SYSTEM_ERR);

 	if (openpam_load_chain(pamh, service, PAM_FACILITY_ANY) != PAM_SUCCESS)
 		goto load_err;