2023-02-23 20:32:51 +01:00
|
|
|
From: Egbert Eich <eich@suse.com>
|
|
|
|
|
Date: Mon Feb 20 21:29:27 2023 +0100
|
|
|
|
|
Subject: pam_slurm: Initialize arrays and pass sizes
|
|
|
|
|
Patch-mainline: Not yet
|
|
|
|
|
Git-commit: 5feca5c29d4e820dafd8d34c0343944b28890902
|
2017-02-02 21:23:02 +01:00
|
|
|
References: bsc#1007053
|
|
|
|
|
|
|
|
|
|
PAM is security critical:
|
|
|
|
|
- clear arrays
|
|
|
|
|
- ensure strings are NULL-terminated.
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Egbert Eich <eich@suse.com>
|
2023-02-23 20:32:51 +01:00
|
|
|
Originally-from: Sebastian Krahmer <krahmer@suse.com>
|
|
|
|
|
Signed-off-by: Egbert Eich <eich@suse.de>
|
2017-02-02 21:23:02 +01:00
|
|
|
---
|
2023-02-23 20:32:51 +01:00
|
|
|
contribs/pam/pam_slurm.c | 20 +++++++++++---------
|
|
|
|
|
1 file changed, 11 insertions(+), 9 deletions(-)
|
|
|
|
|
diff --git a/contribs/pam/pam_slurm.c b/contribs/pam/pam_slurm.c
|
|
|
|
|
index 20d21a9..363b6ae 100644
|
2017-02-02 21:23:02 +01:00
|
|
|
--- a/contribs/pam/pam_slurm.c
|
|
|
|
|
+++ b/contribs/pam/pam_slurm.c
|
2023-02-23 20:32:51 +01:00
|
|
|
@@ -266,9 +266,9 @@ static int
|
2017-02-02 21:23:02 +01:00
|
|
|
_gethostname_short (char *name, size_t len)
|
|
|
|
|
{
|
|
|
|
|
int error_code, name_len;
|
|
|
|
|
- char *dot_ptr, path_name[1024];
|
|
|
|
|
+ char *dot_ptr, path_name[1024] = {0};
|
|
|
|
|
|
|
|
|
|
- error_code = gethostname(path_name, sizeof(path_name));
|
|
|
|
|
+ error_code = gethostname(path_name, sizeof(path_name) - 1);
|
|
|
|
|
if (error_code)
|
|
|
|
|
return error_code;
|
|
|
|
|
|
2023-02-23 20:32:51 +01:00
|
|
|
@@ -296,13 +296,13 @@ static int
|
2017-02-02 21:23:02 +01:00
|
|
|
_slurm_match_allocation(uid_t uid)
|
|
|
|
|
{
|
|
|
|
|
int authorized = 0, i;
|
|
|
|
|
- char hostname[MAXHOSTNAMELEN];
|
|
|
|
|
+ char hostname[MAXHOSTNAMELEN] = {0};
|
|
|
|
|
char *nodename = NULL;
|
|
|
|
|
job_info_msg_t * msg;
|
|
|
|
|
|
2023-02-23 20:32:51 +01:00
|
|
|
slurm_init(NULL);
|
2020-11-02 14:42:03 +01:00
|
|
|
|
2017-02-02 21:23:02 +01:00
|
|
|
- if (_gethostname_short(hostname, sizeof(hostname)) < 0) {
|
|
|
|
|
+ if (_gethostname_short(hostname, sizeof(hostname) - 1) < 0) {
|
|
|
|
|
_log_msg(LOG_ERR, "gethostname: %m");
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2023-02-23 20:32:51 +01:00
|
|
|
@@ -425,7 +425,7 @@ _send_denial_msg(pam_handle_t *pamh, struct _options *opts,
|
2017-02-02 21:23:02 +01:00
|
|
|
*/
|
|
|
|
|
extern void libpam_slurm_init (void)
|
|
|
|
|
{
|
|
|
|
|
- char libslurmname[64];
|
|
|
|
|
+ char libslurmname[64] = {0};
|
|
|
|
|
|
|
|
|
|
if (slurm_h)
|
|
|
|
|
return;
|
2023-02-23 20:32:51 +01:00
|
|
|
@@ -433,10 +433,10 @@ extern void libpam_slurm_init (void)
|
2017-02-02 21:23:02 +01:00
|
|
|
/* First try to use the same libslurm version ("libslurm.so.24.0.0"),
|
|
|
|
|
* Second try to match the major version number ("libslurm.so.24"),
|
|
|
|
|
* Otherwise use "libslurm.so" */
|
|
|
|
|
- if (snprintf(libslurmname, sizeof(libslurmname),
|
|
|
|
|
+ if (snprintf(libslurmname, sizeof(libslurmname) - 1,
|
|
|
|
|
"libslurm.so.%d.%d.%d", SLURM_API_CURRENT,
|
|
|
|
|
SLURM_API_REVISION, SLURM_API_AGE) >=
|
|
|
|
|
- sizeof(libslurmname) ) {
|
|
|
|
|
+ sizeof(libslurmname) - 1) {
|
|
|
|
|
_log_msg (LOG_ERR, "Unable to write libslurmname\n");
|
|
|
|
|
} else if ((slurm_h = dlopen(libslurmname, RTLD_NOW|RTLD_GLOBAL))) {
|
|
|
|
|
return;
|
2023-02-23 20:32:51 +01:00
|
|
|
@@ -445,8 +445,10 @@ extern void libpam_slurm_init (void)
|
2017-02-02 21:23:02 +01:00
|
|
|
libslurmname, dlerror ());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
- if (snprintf(libslurmname, sizeof(libslurmname), "libslurm.so.%d",
|
|
|
|
|
- SLURM_API_CURRENT) >= sizeof(libslurmname) ) {
|
|
|
|
|
+ memset(libslurmname, 0, sizeof(libslurmname));
|
|
|
|
|
+
|
|
|
|
|
+ if (snprintf(libslurmname, sizeof(libslurmname) - 1, "libslurm.so.%d",
|
|
|
|
|
+ SLURM_API_CURRENT) >= sizeof(libslurmname) - 1) {
|
|
|
|
|
_log_msg (LOG_ERR, "Unable to write libslurmname\n");
|
|
|
|
|
} else if ((slurm_h = dlopen(libslurmname, RTLD_NOW|RTLD_GLOBAL))) {
|
|
|
|
|
return;
|
