diff options
author | Mark Johnston <markj@FreeBSD.org> | 2021-02-23 22:01:29 +0000 |
---|---|---|
committer | Mark Johnston <markj@FreeBSD.org> | 2021-02-24 01:21:13 +0000 |
commit | dae05d22d64ea218abe5883be539c2b41c20b1fb (patch) | |
tree | 04aad95642988f048828c00b26c64792eca7e6ec | |
parent | 89238773a37f4fc8f0bf3ccca3aa03874478f194 (diff) | |
download | src-dae05d22d64ea218abe5883be539c2b41c20b1fb.tar.gz src-dae05d22d64ea218abe5883be539c2b41c20b1fb.zip |
pam_login_access: Fix negative entry matching logic
PR: 252194
Approved by: so
Security: CVE-2020-25580
Security: FreeBSD-SA-21:03.pam_login_access
(cherry picked from commit 6ab923cbca8759503a08683a5978b9ebf5efd607)
-rw-r--r-- | lib/libpam/modules/pam_login_access/login_access.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libpam/modules/pam_login_access/login_access.c b/lib/libpam/modules/pam_login_access/login_access.c index 9496081d362e..719808858dac 100644 --- a/lib/libpam/modules/pam_login_access/login_access.c +++ b/lib/libpam/modules/pam_login_access/login_access.c @@ -137,10 +137,10 @@ list_match(char *list, const char *item, if (match != NO) { while ((tok = strtok((char *) 0, listsep)) && strcmp(tok, "EXCEPT")) { /* VOID */ ; - if (tok == NULL || list_match((char *) 0, item, match_fn, - login_access_opts) == NO) { + } + if (tok == NULL || + list_match((char *) 0, item, match_fn, login_access_opts) == NO) { return (match); - } } } return (NO); |