aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTed Gould <ted@gould.cx>2012-08-28 15:24:34 -0500
committerTed Gould <ted@gould.cx>2012-08-28 15:24:34 -0500
commit7666892cefc221a275782704fa468582f604c89f (patch)
tree311e97a06c6fe4cd097884086209ba6181d8bf6e
parent55183a443d93485c8cf9a060b5025cdd10a73d9b (diff)
downloadlibpam-freerdp2-7666892cefc221a275782704fa468582f604c89f.tar.gz
libpam-freerdp2-7666892cefc221a275782704fa468582f604c89f.tar.bz2
libpam-freerdp2-7666892cefc221a275782704fa468582f604c89f.zip
Locking the buffer 'cause it would have the password in it
-rw-r--r--src/pam-freerdp.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 8129787..82704c5 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -303,10 +303,15 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
buffer_len += strlen(password) + 1; /* Add one for the NULL */
char * buffer = malloc(buffer_len);
+ /* Lock the buffer before writing */
+ mlock(buffer, buffer_len);
snprintf(buffer, buffer_len, "%s %s %s %s", ruser, password, rdomain, rhost);
pid_t pid = fork();
if (pid == 0) {
+ /* Locks to carry over */
+ mlock(buffer, buffer_len);
+
if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 ||
setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) {
_exit(EXIT_FAILURE);
@@ -341,11 +346,14 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
} else if (pid < 0) {
retval = PAM_SYSTEM_ERR;
close(socketfd);
- free(buffer);
} else {
session_pid = pid;
}
+ memset(buffer, 0, buffer_len);
+ munlock(buffer, buffer_len);
+ free(buffer);
+
done:
if (username != NULL) { free(username); }
if (password != NULL) { free(password); }