pam_xauth: sanitize variable after asprintf(3) failure

On asprintf(3) failure the value of the first argument is undefined. Set to NULL to avoid UB on cleanup.
author: Christian Göttsche <cgzones@googlemail.com> 2024-02-22 16:16:30 +0100
committer: Christian Göttsche <cgzones@googlemail.com> 2024-02-22 16:16:30 +0100
commit: c6f5d2b3ab4370dd4c199922c96705c2a242a999 (patch)
tree: b3b9edf2d55fc4e51afe30a9e06fa1d3dae30e52 /modules/pam_xauth/pam_xauth.c
parent: 1e2c6cecf81dcaeea0c2c9d37bc35eea120cd77d (diff)
download: pam-c6f5d2b3ab4370dd4c199922c96705c2a242a999.tar.gz
pam-c6f5d2b3ab4370dd4c199922c96705c2a242a999.tar.bz2
pam-c6f5d2b3ab4370dd4c199922c96705c2a242a999.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c
index 920dcb6e..cdac8745 100644
--- a/modules/pam_xauth/pam_xauth.c
+++ b/modules/pam_xauth/pam_xauth.c
@@ -509,6 +509,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
 			goto cleanup;
 		}
 	} else if (asprintf(&cookiefile, "%s/%s", rpwd->pw_dir, XAUTHDEF) < 0) {
+		cookiefile = NULL;
 		retval = PAM_SESSION_ERR;
 		goto cleanup;
 	}
author	Christian Göttsche <cgzones@googlemail.com>	2024-02-22 16:16:30 +0100
committer	Christian Göttsche <cgzones@googlemail.com>	2024-02-22 16:16:30 +0100
commit	c6f5d2b3ab4370dd4c199922c96705c2a242a999 (patch)
tree	b3b9edf2d55fc4e51afe30a9e06fa1d3dae30e52 /modules/pam_xauth/pam_xauth.c
parent	1e2c6cecf81dcaeea0c2c9d37bc35eea120cd77d (diff)
download	pam-c6f5d2b3ab4370dd4c199922c96705c2a242a999.tar.gz pam-c6f5d2b3ab4370dd4c199922c96705c2a242a999.tar.bz2 pam-c6f5d2b3ab4370dd4c199922c96705c2a242a999.zip