fix: passwd_tries=0 can result in unlimited password tries because of… (#1313)

Fix potential integer underflow when `passwd_tries` = 0 
---------

Co-authored-by: Marc Schoolderman <marc@tweedegolf.com>
Co-authored-by: Marc R. Schoolderman <info@squell.net>
Co-authored-by: bjorn3 <17426603+bjorn3@users.noreply.github.com>

Author: 3 people

src/common/error.rs

@@ -28,7 +28,7 @@ pub enum Error {
     Options(String),
     Pam(PamError),
     Io(Option<PathBuf>, std::io::Error),
-    MaxAuthAttempts(usize),
+    MaxAuthAttempts(u16),
     PathValidation(PathBuf),
     StringValidation(String),
     #[cfg(feature = "apparmor")]

src/sudo/pam.rs

@@ -94,8 +94,13 @@ pub(super) fn attempt_authenticate(
     pam: &mut PamContext,
     auth_user: &str,
     non_interactive: bool,
-    mut max_tries: u16,
+    max_tries: u16,
 ) -> Result<(), Error> {
+    // Reject zero upfront so we don't ask for a password once when max_tries is 0.
+    if max_tries == 0 {
+        return Err(Error::MaxAuthAttempts(0));
+    }
+
     let mut current_try = 0;
     loop {
         current_try += 1;
@@ -110,8 +115,7 @@ pub(super) fn attempt_authenticate(
 
             // there was an authentication error, we can retry
             Err(PamError::Pam(PamErrorType::AuthError | PamErrorType::ConversationError)) => {
-                max_tries -= 1;
-                if max_tries == 0 {
+                if current_try >= max_tries {
                     return Err(Error::MaxAuthAttempts(current_try));
                 } else if non_interactive {
                     return Err(Error::InteractionRequired);