From 8ae228fa76ff9ef1d8d6b2199582d9206f1830c6 Mon Sep 17 00:00:00 2001
From: Stanislav Brabec <sbrabec@suse.cz>
Date: Mon, 22 Jul 2024 23:18:16 +0200
Subject: [PATCH] libpam_misc: Use ECHOCTL in the terminal input

Use the canonical terminal mode (line mode) and set ECHOCTL to prevent
cursor escape from the login prompt using arrows or escape sequences.

ICANON is the default in most cases anyway. ECHOCTL is default on tty, but
for example not on pty, allowing cursor to escape.

Stanislav Brabec <sbrabec@suse.com>
---
 libpam_misc/misc_conv.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c
index 7410e929..6b839b48 100644
--- a/libpam_misc/misc_conv.c
+++ b/libpam_misc/misc_conv.c
@@ -145,9 +145,10 @@ static int read_string(int echo, const char *prompt, char **retstr)
 	    return -1;
 	}
 	memcpy(&term_tmp, &term_before, sizeof(term_tmp));
-	if (!echo) {
+	if (echo)
+	    term_tmp.c_lflag |= ICANON | ECHOCTL;
+	else
 	    term_tmp.c_lflag &= ~(ECHO);
-	}
 	have_term = 1;
 
 	/*
-- 
2.45.2