summaryrefslogtreecommitdiff
path: root/server
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2009-07-28 09:43:57 -0400
committerStephen Gallagher <sgallagh@redhat.com>2009-07-29 07:24:11 -0400
commite7c9154dc3346f4a9dd61857ac0d9124fcef6a85 (patch)
tree722f4d2edbf4fa610a9491723420259c54b0a648 /server
parentc8586fd938d5d8fd3db117aa9a496b9a95ca0bfc (diff)
downloadsssd-e7c9154dc3346f4a9dd61857ac0d9124fcef6a85.tar.gz
sssd-e7c9154dc3346f4a9dd61857ac0d9124fcef6a85.tar.bz2
sssd-e7c9154dc3346f4a9dd61857ac0d9124fcef6a85.zip
Address CVE-2009-2410
Fix incorrect error code return in local_handler_callback
Diffstat (limited to 'server')
-rw-r--r--server/responder/pam/pam_LOCAL_domain.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c
index 5c1fea99..5d76891f 100644
--- a/server/responder/pam/pam_LOCAL_domain.c
+++ b/server/responder/pam/pam_LOCAL_domain.c
@@ -379,7 +379,7 @@ static void local_handler_callback(void *pvt, int ldb_status,
password = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_PWD, NULL);
NULL_CHECK_OR_JUMP(password, ("No password stored.\n"),
- lreq->error, ret, done);
+ lreq->error, LDB_ERR_NO_SUCH_ATTRIBUTE, done);
DEBUG(4, ("user: [%s], password hash: [%s]\n", username, password));
ret = s3crypt_sha512(lreq, authtok, password, &new_hash);