git: accf8cee6dd0 - releng/14.1 - pam_xdg: Fix user xdg runtime directory's descriptor leak
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 29 Oct 2024 18:57:01 UTC
The branch releng/14.1 has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=accf8cee6dd09bc2d0a02cf45ec4386ec42970bf
commit accf8cee6dd09bc2d0a02cf45ec4386ec42970bf
Author: Olivier Certner <olce@FreeBSD.org>
AuthorDate: 2024-08-13 21:04:09 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-10-29 18:56:03 +0000
pam_xdg: Fix user xdg runtime directory's descriptor leak
Approved by: emaste (mentor)
Fixes: 6e69612d5df1 ("pam: Add pam_xdg module")
MFC after: 3 days
Security: FreeBSD-EN-17.pam_xdg
Approved by: so
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 06986e899972ac3a127ab2ab46196672d0e1e5b2)
(cherry picked from commit 9e8d504bb5a1e7ede55814069e213d4702172b81)
---
lib/libpam/modules/pam_xdg/pam_xdg.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/libpam/modules/pam_xdg/pam_xdg.c b/lib/libpam/modules/pam_xdg/pam_xdg.c
index 4d586a21566a..1ad7c56dddb5 100644
--- a/lib/libpam/modules/pam_xdg/pam_xdg.c
+++ b/lib/libpam/modules/pam_xdg/pam_xdg.c
@@ -108,6 +108,7 @@ _pam_xdg_open(pam_handle_t *pamh, int flags __unused,
goto out;
}
} else {
+ close(rt_dir);
/* Check that the already create dir is correctly owned */
rv = fstatat(rt_dir_prefix, user, &sb, 0);
if (rv == -1) {