Differences with security implications: PAM

Pluggable Authentication Modules (PAM)
Ambiguities in specification
Linux-PAM API passes prompt messages as array of pointers to struct pam_message
Sun-derived API and OpenPAM do pointer to array of struct pam_message
Result: possible overflow in privileged code

We use an accessor macro to avoid this:

           #ifdef PAM_SUN_CODEBASE
           # define PAM_MSG_MEMBER(msg, n, member) ((*(msg))[(n)].member)
           #else
           # define PAM_MSG_MEMBER(msg, n, member) ((msg)[(n)]->member)
           #endif

