From 1ca5bfed50bd9f6c2f1e3e36c2df3253923dadf6 Mon Sep 17 00:00:00 2001 From: Iker Pedrosa Date: Wed, 22 May 2024 12:27:00 +0200 Subject: pam_timestamp: close the timestamp file on error path * modules/pam_timestamp/pam_timestamp.c (pam_sm_authenticate) [WITH_OPENSSL]: Close the timestamp file if hmac_size returned an error. ``` Error: RESOURCE_LEAK (CWE-772): Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:450: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.] Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:450: var_assign: Assigning: "fd" = handle returned from "open(path, 131072)". Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:460: noescape: Resource "fd" is not freed or pointed-to in "fstat". Linux-PAM-1.6.0/modules/pam_timestamp/pam_timestamp.c:484: leaked_handle: Handle variable "fd" going out of scope leaks the handle. 482| #ifdef WITH_OPENSSL 483| if (hmac_size(pamh, debug, &maclen)) { 484|-> return PAM_AUTH_ERR; 485| } 486| #else ``` Resolves: https://issues.redhat.com/browse/RHEL-36475 Signed-off-by: Iker Pedrosa --- modules/pam_timestamp/pam_timestamp.c | 1 + 1 file changed, 1 insertion(+) (limited to 'modules/pam_timestamp') diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 7c5457c4..edecc052 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -481,6 +481,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) #ifdef WITH_OPENSSL if (hmac_size(pamh, debug, &maclen)) { + close(fd); return PAM_AUTH_ERR; } #else -- cgit v1.2.3