Use safer function snprintf() to write into AusweisApp environment variables

Christoph Pleger 2025-06-06 15:25:31 +02:00
parent e26a6116ec
commit fa35a78a7b
3 changed files with 14 additions and 2 deletions


@ -1,3 +1,9 @@
2025-06-06 Christoph Pleger <pleger@irb.cs.tu-dortmund.de>
Release 4.1
+ Use safer function snprintf() to write into
AusweisApp environment variables
2025-01-13 Christoph Pleger <pleger@irb.cs.tu-dortmund.de> 2025-01-13 Christoph Pleger <pleger@irb.cs.tu-dortmund.de>
Release 4.0 Release 4.0

6
debian/changelog vendored

@ -1,3 +1,9 @@
pam-eid (4.1-1) unstable; urgency=medium
* New upstream release
-- Christoph Pleger <pleger@irb.cs.tu-dortmund.de> Fri, 06 Jun 2025 13:43:30 +0200
pam-eid (4.0-1) unstable; urgency=medium pam-eid (4.0-1) unstable; urgency=medium
* New upstream release * New upstream release


@ -219,8 +219,8 @@ int pam_sm_authenticate(pam_handle_t *pamh,
exit(errno); exit(errno);
} }
sprintf(envp[0], "AUSWEISAPP2_AUTOMATIC_PIN=%s", authtok); snprintf(envp[0], sizeof("AUSWEISAPP2_AUTOMATIC_PIN=123456"), "AUSWEISAPP2_AUTOMATIC_PIN=%s", authtok);
sprintf(envp[1], "XDG_RUNTIME_DIR=/run/user/%d", (int) passwd->pw_uid); snprintf(envp[1], sizeof("XDG_RUNTIME_DIR=/run/user/12345"), "XDG_RUNTIME_DIR=/run/user/%d", (int) passwd->pw_uid);
envp[2] = (char *) NULL; envp[2] = (char *) NULL;
if ((dir = opendir(strstr(envp[1], "/"))) == NULL) if ((dir = opendir(strstr(envp[1], "/"))) == NULL)
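Review bot: Both new snprintf() calls discard their return value, so an over-long value is now silently truncated rather than rejected: a uid with more than five digits leaves `envp[1]` naming a different, shorter uid's directory (123456 becomes `/run/user/12345`), which the following `opendir()` would then open, and a PIN longer than six characters is cut short in the same way. Capture the result and treat truncation as a failure in the style of the `exit(errno)` path above, e.g. `n = snprintf(envp[1], len, "XDG_RUNTIME_DIR=/run/user/%d", (int) passwd->pw_uid);` followed by `if (n < 0 || (size_t) n >= len) exit(EXIT_FAILURE);`, with `len` being the size the buffer was allocated with. The bound is also written as `sizeof` of a sample literal rather than taken from the allocation of `envp[0]`/`envp[1]`, which lies outside this hunk; presumably the buffers are sized with the same literals, but a shared named constant would keep the two from drifting apart. The body of pam_sm_authenticate starts and ends outside the hunk.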