[X2Go-Commits] libpam-x2go.git - build-main (branch) updated: c8d25717c4a441e05b1c702288a1b5928e62c288

Sat Apr 27 13:45:31 CEST 2013

The branch, build-main has been updated
       via  c8d25717c4a441e05b1c702288a1b5928e62c288 (commit)
      from  d9da9b90a2be88825b3219f21b5865872591bbdb (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 src/pam-freerdp.c |   10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

The diff of changes is:

diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 8129787..82704c5 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -303,10 +303,15 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
 	buffer_len += strlen(password) + 1; /* Add one for the NULL */
 
 	char * buffer = malloc(buffer_len);
+	/* Lock the buffer before writing */
+	mlock(buffer, buffer_len);
 	snprintf(buffer, buffer_len, "%s %s %s %s", ruser, password, rdomain, rhost);
 
 	pid_t pid = fork();
 	if (pid == 0) {
+		/* Locks to carry over */
+		mlock(buffer, buffer_len);
+
 		if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 ||
 				setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) {
 			_exit(EXIT_FAILURE);
@@ -341,11 +346,14 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
 	} else if (pid < 0) {
 		retval = PAM_SYSTEM_ERR;
 		close(socketfd);
-		free(buffer);
 	} else {
 		session_pid = pid;
 	}
 
+	memset(buffer, 0, buffer_len);
+	munlock(buffer, buffer_len);
+	free(buffer);
+
 done:
 	if (username != NULL) { free(username); }
 	if (password != NULL) { free(password); }


hooks/post-receive
-- 
libpam-x2go.git (Remote login session via X2Go (PAM module))

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "libpam-x2go.git" (Remote login session via X2Go (PAM module)).


