The "service" is blindly appended to config directories ("/etc/pam.d/"),
and if a user can control the "service" it can get PAM to read config
files from any location.
This is not a problem with most software because the "service" is
usually a constant string. The check protects 3rd party software
from being abused.
(CVE-2011-4122)
set r = PAM_SYSTEM_ERR and let later code check the flags
before deciding whether the error may be ignored.
Also count the number of successes, and if nothing is explicitly
successful then treat it as a failure. This replaces the previous
check for chain == NULL.
Reviewed by christos, mrg
under big endian.
2. ":set octal" with nonprintable character causes nbwcurses move error.
3. moving (big)words by wW/eE/bB can't handle non-ascii characters.
4. toggle uppercase/lowercase by ~ can't handle non-ascii characters.
5. don't feed CHAR_T(=wchar_t) to is* function directly.
is* funcs with over UCHAR_MAX value may cause undefined behavior.
some ctype implementation(such as FreeBSD) return unexpected
result(same result as isw* func).
6. using non-ascii digit character with count/line number of ex/vi
command may causes unexpeced result.
- Add libnpf(3) - a library to control NPF (configuration, ruleset, etc).
- Add NPF support for ftp-proxy(8).
- Add rc.d script for NPF.
- Convert npfctl(8) to use libnpf(3) and thus make it less depressive.
Note: next clean-up step should be a parser, once dholland@ will finish it.
- Add more documentation.
- Various fixes.
Change the initialization state of gtagsmode to 0, (unset).
This brings about least astonishment for users, permittings tags
functionality to work as expected.
using an EXTERN_INLINE definition for functions that are defined as
inline but provide an externally callable reference.
(these are externally called in ipftest)
drochner