From 8514bfe08da3912fce8b6c17c39ef20af136a087 Mon Sep 17 00:00:00 2001
From: Robin Hack <rhack@redhat.com>
Date: Thu, 14 Aug 2014 13:33:56 +0200
Subject: pam_echo: Avoid leaking file descriptor.

modules/pam_echo/pam_echo.c (pam_echo): Close fd in error cases.
---
 modules/pam_echo/pam_echo.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c
index 043ff703..d0879fbf 100644
--- a/modules/pam_echo/pam_echo.c
+++ b/modules/pam_echo/pam_echo.c
@@ -180,16 +180,23 @@ pam_echo (pam_handle_t *pamh, int flags, int argc, const char **argv)
 
       /* load file into message buffer. */
       if ((fstat (fd, &st) < 0) || !st.st_size)
-	return PAM_IGNORE;
+	{
+	  close (fd);
+	  return PAM_IGNORE;
+	}
 
       mtmp = malloc (st.st_size + 1);
       if (!mtmp)
-	return PAM_BUF_ERR;
+	{
+	  close (fd);
+	  return PAM_BUF_ERR;
+	}
 
       if (pam_modutil_read (fd, mtmp, st.st_size) == -1)
 	{
 	  pam_syslog (pamh, LOG_ERR, "Error while reading %s: %m", file);
 	  free (mtmp);
+	  close (fd);
 	  return PAM_IGNORE;
 	}
 
-- 
cgit v1.2.3