From 47db675c910a065fa9602753a904b050b0322f29 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 24 Jan 2014 13:38:38 +0000 Subject: pam_xauth: avoid potential SIGPIPE when writing to xauth process Similar issue in pam_unix was fixed by commit Linux-PAM-0-73~8. * modules/pam_xauth/pam_xauth.c (run_coprocess): In the parent process, close the read end of input pipe after writing to its write end. --- modules/pam_xauth/pam_xauth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/pam_xauth') diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index 70755475..c7ce55ab 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -179,12 +179,12 @@ run_coprocess(pam_handle_t *pamh, const char *input, char **output, } /* We're the parent, so close the other ends of the pipes. */ - close(ipipe[0]); close(opipe[1]); /* Send input to the process (if we have any), then send an EOF. */ if (input) { (void)pam_modutil_write(ipipe[1], input, strlen(input)); } + close(ipipe[0]); /* close here to avoid possible SIGPIPE above */ close(ipipe[1]); /* Read data output until we run out of stuff to read. */ -- cgit v1.2.3