main/pam-pgsql: fix CVE-2013-0191

fixes #1605

2 files changed, 16 insertions, 3 deletions

diff --git a/main/pam-pgsql/APKBUILD b/main/pam-pgsql/APKBUILD
index 771d4f1954..a085bf5aed 100644
--- a/main/pam-pgsql/APKBUILD
+++ b/main/pam-pgsql/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=pam-pgsql
 pkgver=0.7.3.1
-pkgrel=1
+pkgrel=2
 pkgdesc="PAM module to authenticate using a PostgreSQL database"
 url="http://sourceforge.net/projects/pam-pgsql/"
 arch="all"
@@ -12,7 +12,8 @@ depends_dev=""
 makedepends="$depends_dev linux-pam-dev postgresql-dev libgcrypt-dev"
 install=""
 subpackages="$pkgname-doc"
-source="http://downloads.sourceforge.net/project/pam-pgsql/pam-pgsql/0.7/pam-pgsql-$pkgver.tar.gz"
+source="http://downloads.sourceforge.net/project/pam-pgsql/pam-pgsql/0.7/pam-pgsql-$pkgver.tar.gz
+	CVE-2013-0191.patch"
 
 _builddir="$srcdir"/pam-pgsql-$pkgver
 prepare() {
@@ -39,4 +40,5 @@ package() {
 		|| return 1
 }
 
-md5sums="16cb40a16ee1f286906a0d5a90254731  pam-pgsql-0.7.3.1.tar.gz"
+md5sums="16cb40a16ee1f286906a0d5a90254731  pam-pgsql-0.7.3.1.tar.gz
+4a8640edb8eaee4456fa91ad8c22ab7f  CVE-2013-0191.patch"
diff --git a/main/pam-pgsql/CVE-2013-0191.patch b/main/pam-pgsql/CVE-2013-0191.patch
new file mode 100644
index 0000000000..d03fc30822
--- /dev/null
+++ b/main/pam-pgsql/CVE-2013-0191.patch
@@ -0,0 +1,11 @@
+--- ./src/backend_pgsql.c.orig	2013-02-07 13:06:48.982679657 +0000
++++ ./src/backend_pgsql.c	2013-02-07 13:09:00.973830056 +0000
+@@ -258,7 +258,7 @@
+ 	if(pg_execParam(conn, &res, options->query_auth, service, user, passwd, rhost) == PAM_SUCCESS) {
+ 		if(PQntuples(res) == 0) {
+ 			rc = PAM_USER_UNKNOWN;
+-		} else {
++		} else if (!PQgetisnull(res, 0, 0)) {
+ 			char *stored_pw = PQgetvalue(res, 0, 0);
+ 			if (!strcmp(stored_pw, (tmp = password_encrypt(options, user, passwd, stored_pw)))) rc = PAM_SUCCESS;
+ 			free (tmp);