diff options
| author | Iker Pedrosa <ipedrosa@redhat.com> | 2021-07-01 12:14:29 +0200 |
|---|---|---|
| committer | Tomáš Mráz <tm@t8m.info> | 2021-07-09 11:27:35 +0200 |
| commit | ec0e724fe53188c5c762c34ca9db6681c0de01b8 (patch) | |
| tree | 97157f4e7d0eae7ee72097cdbce5b279846905dc /modules/pam_faillock | |
| parent | f220cace205332a3dc34e7b37a85e7627e097e7d (diff) | |
| download | pam-ec0e724fe53188c5c762c34ca9db6681c0de01b8.tar.gz pam-ec0e724fe53188c5c762c34ca9db6681c0de01b8.tar.bz2 pam-ec0e724fe53188c5c762c34ca9db6681c0de01b8.zip | |
pam_filter: Close file after controlling tty
Failing to check the descriptor value meant that there was a bug in the
attempt to close the controlling tty. Moreover, this would lead to a
file descriptor leak as pointed out by the static analyzer tool:
Error: RESOURCE_LEAK (CWE-772): [#def26]
Linux-PAM-1.5.1/modules/pam_filter/pam_filter.c:356: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]
Linux-PAM-1.5.1/modules/pam_filter/pam_filter.c:356: var_assign: Assigning: "t" = handle returned from "open("/dev/tty", 2)".
Linux-PAM-1.5.1/modules/pam_filter/pam_filter.c:357: off_by_one: Testing whether handle "t" is strictly greater than zero is suspicious. "t" leaks when it is zero.
Linux-PAM-1.5.1/modules/pam_filter/pam_filter.c:357: remediation: Did you intend to include equality with zero?
Linux-PAM-1.5.1/modules/pam_filter/pam_filter.c:367: leaked_handle: Handle variable "t" going out of scope leaks the handle.
365| pam_syslog(pamh, LOG_ERR,
366| "child cannot become new session: %m");
367|-> return PAM_ABORT;
368| }
369|
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Diffstat (limited to 'modules/pam_faillock')
0 files changed, 0 insertions, 0 deletions