diff options
author | Mark Johnston <markj@FreeBSD.org> | 2021-02-23 22:01:29 +0000 |
---|---|---|
committer | Mark Johnston <markj@FreeBSD.org> | 2021-02-24 01:42:42 +0000 |
commit | f82cffcf2f44c909bec00d18549826f5d1d62205 (patch) | |
tree | be5127e1f5fe83471f6e72313df0e570dfee6cc6 | |
parent | ce9af53d0897a1cb926bd244f499fc09b1626b27 (diff) | |
download | src-f82cffcf2f44c909bec00d18549826f5d1d62205.tar.gz src-f82cffcf2f44c909bec00d18549826f5d1d62205.zip |
pam_login_access: Fix negative entry matching logic
PR: 252194
Approved by: re (implicit, so)
Approved by: so
Security: CVE-2020-25580
Security: FreeBSD-SA-21:03.pam_login_access
(cherry picked from commit 6ab923cbca8759503a08683a5978b9ebf5efd607)
(cherry picked from commit 8cf559d6b9b4782bf67eb868ea480f47fc8c64a4)
-rw-r--r-- | lib/libpam/modules/pam_login_access/login_access.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libpam/modules/pam_login_access/login_access.c b/lib/libpam/modules/pam_login_access/login_access.c index 9496081d362e..719808858dac 100644 --- a/lib/libpam/modules/pam_login_access/login_access.c +++ b/lib/libpam/modules/pam_login_access/login_access.c @@ -137,10 +137,10 @@ list_match(char *list, const char *item, if (match != NO) { while ((tok = strtok((char *) 0, listsep)) && strcmp(tok, "EXCEPT")) { /* VOID */ ; - if (tok == NULL || list_match((char *) 0, item, match_fn, - login_access_opts) == NO) { + } + if (tok == NULL || + list_match((char *) 0, item, match_fn, login_access_opts) == NO) { return (match); - } } } return (NO); |