From 2d6f1998dd770f5338b046ce4b105fedfadec59a Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 11 Sep 2024 08:00:00 +0000 Subject: [PATCH] pam_filter: fix potential fd leak on error path Resolves: https://github.com/linux-pam/linux-pam/issues/829 --- modules/pam_filter/pam_filter.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index ed315b13..3b0913dd 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -322,18 +322,21 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, if (setsid() == -1) { pam_syslog(pamh, LOG_ERR, "child cannot become new session: %m"); + close(fd[0]); return PAM_ABORT; } /* grant slave terminal */ if (grantpt (fd[0]) < 0) { pam_syslog(pamh, LOG_ERR, "Cannot grant access to slave terminal"); + close(fd[0]); return PAM_ABORT; } /* unlock slave terminal */ if (unlockpt (fd[0]) < 0) { pam_syslog(pamh, LOG_ERR, "Cannot unlock slave terminal"); + close(fd[0]); return PAM_ABORT; } @@ -343,6 +346,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, if (terminal == NULL) { pam_syslog(pamh, LOG_ERR, "Cannot get the name of the slave terminal: %m"); + close(fd[0]); return PAM_ABORT; } @@ -381,6 +385,10 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, return PAM_ABORT; } + /* now the user input is read from the parent/filter: forget fd */ + + close(fd[1]); + /* make sure that file descriptors survive 'exec's */ if ( fcntl(STDIN_FILENO, F_SETFD, 0) || @@ -391,10 +399,6 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, return PAM_ABORT; } - /* now the user input is read from the parent/filter: forget fd */ - - close(fd[1]); - /* the current process is now apparently working with filtered stdio/stdout/stderr --- success! */