From 2bae5daf16d4466185fac89539d653b269a3ea01 Mon Sep 17 00:00:00 2001
From: ikerexxe <ipedrosa@redhat.com>
Date: Mon, 29 Jun 2020 15:40:40 +0200
Subject: pam_namespace, pam_mkhomedir: fix unlikely descriptor leaks on error
 path

[ldv: rewrote commit message]

* modules/pam_mkhomedir/mkhomedir_helper.c (create_homedir): Close just
opened file descriptor "srcfd" in an unlikely case when it cannot be
fstat'ed.
* modules/pam_namespace/pam_namespace.c (create_instance): Close just
opened file descriptor "fd" in an unlikely case when it cannot be
fstat'ed.
---
 modules/pam_mkhomedir/mkhomedir_helper.c | 2 ++
 modules/pam_namespace/pam_namespace.c    | 1 +
 2 files changed, 3 insertions(+)

diff --git a/modules/pam_mkhomedir/mkhomedir_helper.c b/modules/pam_mkhomedir/mkhomedir_helper.c
index 8969da52..91bf49a3 100644
--- a/modules/pam_mkhomedir/mkhomedir_helper.c
+++ b/modules/pam_mkhomedir/mkhomedir_helper.c
@@ -232,6 +232,8 @@ create_homedir(const struct passwd *pwd,
       {
          pam_syslog(NULL, LOG_DEBUG,
 		    "unable to open or stat src file %s: %m", newsource);
+         if (srcfd >= 0)
+            close(srcfd);
          closedir(d);
 
 #ifndef PATH_MAX
diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
index 63b5c665..57b322fe 100644
--- a/modules/pam_namespace/pam_namespace.c
+++ b/modules/pam_namespace/pam_namespace.c
@@ -1488,6 +1488,7 @@ static int create_instance(struct polydir_s *polyptr, char *ipath, struct stat *
     if (fstat(fd, &newstatbuf) < 0) {
         pam_syslog(idata->pamh, LOG_ERR, "Error stating %s, %m",
 		ipath);
+	close(fd);
 	rmdir(ipath);
         return PAM_SESSION_ERR;
     }
-- 
cgit v1.2.3