Copy pam data from DBus message

Instead of just using references to the pam data inside of the DBus
message the data is copied. New the DBus message can be freed at any
time and the pam data is part of the memory hierarchy. Additionally it
is possible to overwrite the authentication tokens in the DBus message,
because it is not used elsewhere.

1 files changed, 6 insertions, 11 deletions

diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
index 5664b2c58..cb60ce156 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -672,10 +672,13 @@ static int be_pam_handler(DBusMessage *message, struct sbus_connection *conn)
     be_req->fn = be_pam_handler_callback;
     be_req->pvt = reply;
 
-    pd = talloc_zero(be_req, struct pam_data);
-    if (!pd) {
+    dbus_error_init(&dbus_error);
+
+    ret = dp_unpack_pam_request(message, be_req, &pd, &dbus_error);
+    if (!ret) {
+        DEBUG(1,("Failed, to parse message!\n"));
         talloc_free(be_req);
-        return ENOMEM;
+        return EIO;
     }
 
     pd->pam_status = PAM_SYSTEM_ERR;
@@ -685,14 +688,6 @@ static int be_pam_handler(DBusMessage *message, struct sbus_connection *conn)
         return ENOMEM;
     }
 
-    dbus_error_init(&dbus_error);
-
-    ret = dp_unpack_pam_request(message, pd, &dbus_error);
-    if (!ret) {
-        DEBUG(1,("Failed, to parse message!\n"));
-        talloc_free(be_req);
-        return EIO;
-    }
 
     DEBUG(4, ("Got request with the following data\n"));
     DEBUG_PAM_DATA(4, pd);