commit 8514bfe08da3912fce8b6c17c39ef20af136a087
Author: Robin Hack <rhack(a)redhat.com>
Date: Thu Aug 14 13:33:56 2014 +0200
pam_echo: Avoid leaking file descriptor.
modules/pam_echo/pam_echo.c (pam_echo): Close fd in error cases.
modules/pam_echo/pam_echo.c | 11 +++++++++--
1 files changed, 9 insertions(+), 2 deletions(-)
---
diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c
index 043ff70..d0879fb 100644
--- a/modules/pam_echo/pam_echo.c
+++ b/modules/pam_echo/pam_echo.c
@@ -180,16 +180,23 @@ pam_echo (pam_handle_t *pamh, int flags, int argc, const char
**argv)
/* load file into message buffer. */
if ((fstat (fd, &st) < 0) || !st.st_size)
- return PAM_IGNORE;
+ {
+ close (fd);
+ return PAM_IGNORE;
+ }
mtmp = malloc (st.st_size + 1);
if (!mtmp)
- return PAM_BUF_ERR;
+ {
+ close (fd);
+ return PAM_BUF_ERR;
+ }
if (pam_modutil_read (fd, mtmp, st.st_size) == -1)
{
pam_syslog (pamh, LOG_ERR, "Error while reading %s: %m", file);
free (mtmp);
+ close (fd);
return PAM_IGNORE;
}
Show replies by thread