diff options
| author | Andrew G. Morgan <morgan@kernel.org> | 2023-12-22 06:37:02 -0800 |
|---|---|---|
| committer | Andrew G. Morgan <morgan@kernel.org> | 2023-12-22 06:37:02 -0800 |
| commit | ee20d385ef319f8523f1debc49f375c8eff257a6 (patch) | |
| tree | b395af6b55cf891ef0fe484681552c7ce3616bc6 | |
| parent | 65851358069f51e15a1931cf8ad17f863940e4d4 (diff) | |
| download | libcap-ee20d385ef319f8523f1debc49f375c8eff257a6.tar.gz | |
Stop using _pam_overwrite() in pam_cap.c.
It looks like the Linux-PAM folk have deprecated this macro. Compiler optimization
is hard to account for: apparently this explicit deletion is no longer
guaranteed to work. This function was marked deprecated in v1.5.3 of Linux-PAM.
I've replaced its use with memset(). I'm not convinced that that will be honored
either, but remain hopeful and prefer to leave the code explicit in its intent
without a deprecation warning messing up the build log. Should some compiler
optimize it away and it leads to an exploit of some sort, it can be revealed as
a compilation bug.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
| -rw-r--r-- | pam_cap/pam_cap.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c index b9419cb..3fe3b8c 100644 --- a/pam_cap/pam_cap.c +++ b/pam_cap/pam_cap.c @@ -199,7 +199,7 @@ defer: int i; for (i = 0; i < groups_n; i++) { char *g = groups[i]; - _pam_overwrite(g); + memset(g, 0, strlen(g)); _pam_drop(g); } if (groups != NULL) { @@ -440,7 +440,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, small race associated with a redundant read of the config. */ - _pam_overwrite(conf_caps); + memset(conf_caps, 0, strlen(conf_caps)); _pam_drop(conf_caps); return PAM_SUCCESS; |