pam_echo: Avoid leaking file descriptor.

modules/pam_echo/pam_echo.c (pam_echo): Close fd in error cases.
author: Robin Hack <rhack@redhat.com> 2014-08-14 13:33:56 +0200
committer: Tomas Mraz <tmraz@fedoraproject.org> 2014-08-14 13:33:56 +0200
commit: 8514bfe08da3912fce8b6c17c39ef20af136a087 (patch)
tree: b4e33e50362eee51fde15f2fdc7431f5e6c20aae /modules/pam_echo/pam_echo.c
parent: 05a1ccc0df92d0ca031699124ddf7ec3ce12f78f (diff)
1 files changed, 9 insertions, 2 deletions
diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c
index 043ff703..d0879fbf 100644
--- a/modules/pam_echo/pam_echo.c
+++ b/modules/pam_echo/pam_echo.c
@@ -180,16 +180,23 @@ pam_echo (pam_handle_t *pamh, int flags, int argc, const char **argv)
 
       /* load file into message buffer. */
       if ((fstat (fd, &st) < 0) || !st.st_size)
-	return PAM_IGNORE;
+	{
+	  close (fd);
+	  return PAM_IGNORE;
+	}
 
       mtmp = malloc (st.st_size + 1);
       if (!mtmp)
-	return PAM_BUF_ERR;
+	{
+	  close (fd);
+	  return PAM_BUF_ERR;
+	}
 
       if (pam_modutil_read (fd, mtmp, st.st_size) == -1)
 	{
 	  pam_syslog (pamh, LOG_ERR, "Error while reading %s: %m", file);
 	  free (mtmp);
+	  close (fd);
 	  return PAM_IGNORE;
 	}
author	Robin Hack <rhack@redhat.com>	2014-08-14 13:33:56 +0200
committer	Tomas Mraz <tmraz@fedoraproject.org>	2014-08-14 13:33:56 +0200
commit	8514bfe08da3912fce8b6c17c39ef20af136a087 (patch)
tree	b4e33e50362eee51fde15f2fdc7431f5e6c20aae /modules/pam_echo/pam_echo.c
parent	05a1ccc0df92d0ca031699124ddf7ec3ce12f78f (diff)