xauth-pam: Sanitize XAuth attributes before passing them to PAM
authorMartin Willi <martin@revosec.ch>
Wed, 22 Jan 2014 13:01:01 +0000 (14:01 +0100)
committerMartin Willi <martin@revosec.ch>
Thu, 23 Jan 2014 15:07:04 +0000 (16:07 +0100)
src/libcharon/plugins/xauth_pam/xauth_pam.c

index 8ba2c76..99fda7d 100644 (file)
@@ -116,7 +116,11 @@ static void attr2string(char *buf, size_t len, chunk_t chunk)
 {
        if (chunk.len && chunk.len < len)
        {
-               snprintf(buf, len, "%.*s", (int)chunk.len, chunk.ptr);
+               chunk_t sane;
+
+               chunk_printable(chunk, &sane, '?');
+               snprintf(buf, len, "%.*s", (int)sane.len, sane.ptr);
+               chunk_clear(&sane);
        }
 }