Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 365952 Details for
Bug 452652
<sys-auth/pam-pgsql-0.7.3.2: NULL password handling issue (CVE-2013-0191)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
pam-pgsql-0.7.3.1-nullpassword.patch
pam-pgsql-0.7.3.1-nullpassword.patch (text/plain), 442 bytes, created by
Samuel Damashek (RETIRED)
on 2013-12-23 03:55:05 UTC
(
hide
)
Description:
pam-pgsql-0.7.3.1-nullpassword.patch
Filename:
MIME Type:
Creator:
Samuel Damashek (RETIRED)
Created:
2013-12-23 03:55:05 UTC
Size:
442 bytes
patch
obsolete
>--- src/backend_pgsql.c >+++ src/backend_pgsql.c >@@ -258,7 +258,7 @@ > if(pg_execParam(conn, &res, options->query_auth, service, user, passwd, rhost) == PAM_SUCCESS) { > if(PQntuples(res) == 0) { > rc = PAM_USER_UNKNOWN; >- } else { >+ } else if(!PQgetisnull(res, 0, 0)) { > char *stored_pw = PQgetvalue(res, 0, 0); > if (!strcmp(stored_pw, (tmp = password_encrypt(options, user, passwd, stored_pw)))) rc = PAM_SUCCESS; > free (tmp);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=365952">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 452652
: 365952
