After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 766222 - pam: Pass the correct argc to gkr_pam_client_run_operation
pam: Pass the correct argc to gkr_pam_client_run_operation
Status: RESOLVED FIXED
Product: gnome-keyring
Classification: Core
Component: general
unspecified
Other All
: Normal normal
: ---
Assigned To: GNOME keyring maintainer(s)
GNOME keyring maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2016-05-10 11:51 UTC by Iain Lane
Modified: 2016-05-18 12:51 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
pam: Pass the correct argc to gkr_pam_client_run_operation (1.07 KB, patch)
2016-05-10 11:51 UTC, Iain Lane 		none Details | Review

Description Iain Lane 2016-05-10 11:51:03 UTC 
I noticed that "lightdm --test-mode" was crashing in Ubuntu 16.04.
Investigation revealed (bear with me for not knowing much PAM) that no password
was being supplied, and yet keyring_daemon_op () was being called with argc = 1
and was therefore trying to dereference argv[0], which was NULL instead of the
password as it was expecting.

Fix the caller to calculate argc correctly.

Here's a trace from lightdm:

    at pam/gkr-pam-client.c:336
        at pam/gkr-pam-client.c:428
Comment 1 Iain Lane 2016-05-10 11:51:07 UTC 
Created attachment 327580 [details] [review]
pam: Pass the correct argc to gkr_pam_client_run_operation

If there's no password then there are no arguments. This prevents a
crash in keyring_daemon_op (), which loops over argv and would otherwise
dereference a null pointer.
Comment 2 Iain Lane 2016-05-10 11:52:16 UTC 
Don't know why that trace didn't appear...

+ Trace 236239

  • #0 strlen
    at ../sysdeps/x86_64/strlen.S line 106
  • #1 keyring_daemon_op
    at pam/gkr-pam-client.c line 336
  • #2 gkr_pam_client_run_operation
    at pam/gkr-pam-client.c line 428
  • #3 unlock_keyring
    at pam/gkr-pam-module.c line 643
  • #4 pam_sm_open_session
    at pam/gkr-pam-module.c line 891
  • #5 _pam_dispatch
    at pam_dispatch.c line 110
  • #6 _pam_dispatch
    at pam_dispatch.c line 395
  • #7 pam_open_session
    at pam_session.c line 23
  • #8 session_child_run
    at session-child.c line 568
  • #9 main
    at lightdm.c line 1206 






Comment 3


Stef Walter





          2016-05-18 12:51:48 UTC
        



Thanks. Merged into git master.

Attachment 327580 [details] pushed as 0d283e5 - pam: Pass the correct argc to gkr_pam_client_run_operation