From: Martin Willi <martin@revosec.ch>
Date: Wed, 22 Jan 2014 13:01:01 +0000 (+0100)
Subject: xauth-pam: Sanitize XAuth attributes before passing them to PAM
X-Git-Tag: 5.1.2rc1~40^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7dc8bf495b8c6b68728ebbc31b0388e39c04c288;p=thirdparty%2Fstrongswan.git

xauth-pam: Sanitize XAuth attributes before passing them to PAM
---

diff --git a/src/libcharon/plugins/xauth_pam/xauth_pam.c b/src/libcharon/plugins/xauth_pam/xauth_pam.c
index 8ba2c764d9..99fda7dada 100644
--- a/src/libcharon/plugins/xauth_pam/xauth_pam.c
+++ b/src/libcharon/plugins/xauth_pam/xauth_pam.c
@@ -116,7 +116,11 @@ static void attr2string(char *buf, size_t len, chunk_t chunk)
 {
 	if (chunk.len && chunk.len < len)
 	{
-		snprintf(buf, len, "%.*s", (int)chunk.len, chunk.ptr);
+		chunk_t sane;
+
+		chunk_printable(chunk, &sane, '?');
+		snprintf(buf, len, "%.*s", (int)sane.len, sane.ptr);
+		chunk_clear(&sane);
 	}
 }