aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark Johnston <markj@FreeBSD.org>2021-02-23 22:01:29 +0000
committerMark Johnston <markj@FreeBSD.org>2021-02-24 01:34:52 +0000
commit3ea0e6b45274a296b859a3171070834a2e33c5fd (patch)
tree0dd98e5e02d0cb108a3430dc08a1872515f4d611
parentab1cd885a619a0304e40fa07795ea9ddcb33134e (diff)
downloadsrc-3ea0e6b45274a296b859a3171070834a2e33c5fd.tar.gz
src-3ea0e6b45274a296b859a3171070834a2e33c5fd.zip
pam_login_access: Fix negative entry matching logic
PR: 252194 Approved by: so Security: CVE-2020-25580 Security: FreeBSD-SA-21:03.pam_login_access (cherry picked from commit 6ab923cbca8759503a08683a5978b9ebf5efd607) (cherry picked from commit dae05d22d64ea218abe5883be539c2b41c20b1fb)
-rw-r--r--lib/libpam/modules/pam_login_access/login_access.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/libpam/modules/pam_login_access/login_access.c b/lib/libpam/modules/pam_login_access/login_access.c
index 9496081d362e..719808858dac 100644
--- a/lib/libpam/modules/pam_login_access/login_access.c
+++ b/lib/libpam/modules/pam_login_access/login_access.c
@@ -137,10 +137,10 @@ list_match(char *list, const char *item,
if (match != NO) {
while ((tok = strtok((char *) 0, listsep)) && strcmp(tok, "EXCEPT")) {
/* VOID */ ;
- if (tok == NULL || list_match((char *) 0, item, match_fn,
- login_access_opts) == NO) {
+ }
+ if (tok == NULL ||
+ list_match((char *) 0, item, match_fn, login_access_opts) == NO) {
return (match);
- }
}
}
return (NO);