diff options
| author | Tomas Mraz <tm@t8m.info> | 2008-11-24 14:06:15 +0000 |
|---|---|---|
| committer | Tomas Mraz <tm@t8m.info> | 2008-11-24 14:06:15 +0000 |
| commit | b66f2f941f5dd41710b0e3f3251d5d664602911f (patch) | |
| tree | 4dc50073f48e340c42f1441fbc15e7ec81f0a57a /modules/pam_cracklib | |
| parent | e6364f057ddd81b7eb06487047b20a04f29022af (diff) | |
| download | pam-b66f2f941f5dd41710b0e3f3251d5d664602911f.tar.gz pam-b66f2f941f5dd41710b0e3f3251d5d664602911f.tar.bz2 pam-b66f2f941f5dd41710b0e3f3251d5d664602911f.zip | |
Relevant BUGIDs:
Purpose of commit: bugfix
Commit summary:
---------------
2008-11-24 Tomas Mraz <t8m@centrum.cz>
* modules/pam_cracklib/pam_cracklib.c(pam_sm_chauthtok): Fix leaks
in error path.
* modules/pam_env/pam_env.c(_parse_env_file): Remove superfluous
condition.
* modules/pam_group/pam_group.c(check_account): Fix leak
in error path.
* modules/pam_listfile/pam_listfile.c(pam_sm_authenticate): Fix leak
in error path.
* modules/pam_securetty/pam_securetty.c(securetty_perform_check): Remove
superfluous condition.
* modules/pam_stress/pam_stress.c(stress_get_password,pam_sm_authenticate):
Remove superfluous conditions.
(pam_sm_chauthtok): Fix mistaken && for &.
* modules/pam_unix/pam_unix_auth.c(pam_sm_authenticate): Remove
superfluous condition.
All the problems fixed in this commit were found by Steve Grubb.
Diffstat (limited to 'modules/pam_cracklib')
| -rw-r--r-- | modules/pam_cracklib/pam_cracklib.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index 2c4cd4a0..b94f8596 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -692,6 +692,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, } if (retval != PAM_SUCCESS) { + token1 = _pam_delete(token1); if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh,LOG_DEBUG,"unable to obtain a password"); continue; @@ -756,6 +757,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, if (retval != PAM_SUCCESS) { if (ctrl & PAM_DEBUG_ARG) pam_syslog(pamh,LOG_DEBUG,"unable to obtain retyped password"); + token1 = _pam_delete(token1); continue; } |