Google Git
Sign in
kernel / pub / scm / libs / libcap / libcap / 917c8b5d3450870b4f25fd4a5a5198faa9de9aeb
commit917c8b5d3450870b4f25fd4a5a5198faa9de9aeb[log] [tgz]
authorAndrew G. Morgan <morgan@kernel.org>Wed May 03 20:12:52 2023 -0700
committerAndrew G. Morgan <morgan@kernel.org>Tue May 09 18:56:00 2023 -0700
treeafd9966c928defc9f7b8498e2a144ce57f6f3ab0
parent422bec25ae4a1ab03fd4d6f728695ed279173b18 [diff]
There was a small memory leak in pam_cap.so when libpam returned an error.

The function pam_set_data() takes ownership of a memory pointer if
the call succeeds, but does not take that ownership if the function
fails. Previously, the failure caused no deferred capability setting and
a return code PAM_IGNORE. It continues to do that in this case, but no
longer leaks the allocated iab memory.

This bug was introduced with deferred IAB capability setting support in
libcap-2.58.

Credit for finding this bug in pam_cap.so goes to X41 D-Sec GmbH
(https://x41-dsec.de/) who performed a security audit of the libcap
source code in April of 2023. The audit was sponsored by the Open
Source Technology Improvement Fund (https://ostif.org/).

Audit ref: LCAP-CR-23-100

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
1 file changed
tree: afd9966c928defc9f7b8498e2a144ce57f6f3ab0
  1. cap/
  2. contrib/
  3. doc/
  4. go/
  5. goapps/
  6. kdebug/
  7. libcap/
  8. pam_cap/
  9. progs/
  10. psx/
  11. tests/
  12. .gitignore
  13. CHANGELOG
  14. distcheck.sh
  15. gomods.sh
  16. License
  17. Make.Rules
  18. Makefile
  19. pgp.keys.asc
  20. README
  21. template.c