Commit c69cf93b authored by Sergey Vojtovich's avatar Sergey Vojtovich

MDEV-8673 - [PATCH] Missing Sanity Check for strndup() in MariaDB 10.0.2x

Contributed by Bill Parker.

Added check for strndup() return value.
parent 173e4869
...@@ -98,7 +98,8 @@ static int conv(int n, const struct pam_message **msg, ...@@ -98,7 +98,8 @@ static int conv(int n, const struct pam_message **msg,
if (pkt_len < 0) if (pkt_len < 0)
return PAM_CONV_ERR; return PAM_CONV_ERR;
/* allocate and copy the reply to the response array */ /* allocate and copy the reply to the response array */
(*resp)[i].resp = strndup((char*)pkt, pkt_len); if (!((*resp)[i].resp= strndup((char*) pkt, pkt_len)))
return PAM_CONV_ERR;
param->ptr = param->buf + 1; param->ptr = param->buf + 1;
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment