[lxc-devel] [cgmanager/master] check for NULL pointer returned by pam_get_data() in session close
maciejsszmigiero on Github
lxc-bot at linuxcontainers.org
Sat Mar 17 13:16:27 UTC 2018
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 546 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20180317/b899c565/attachment.bin>
-------------- next part --------------
From 76a000c2c3f81fba0ab9b674cead83c85e766d0f Mon Sep 17 00:00:00 2001
From: "Maciej S. Szmigiero" <mail at maciej.szmigiero.name>
Date: Sat, 17 Mar 2018 13:35:49 +0100
Subject: [PATCH] pam_cgm: check for NULL pointer returned by pam_get_data() in
session close
It turns out that PAM can call module pam_sm_close_session() function even
though this module pam_sm_open_session() returned an error.
In this case pam_get_data() in pam_sm_close_session() will return NULL - we
need to check for that.
Signed-off-by: Maciej S. Szmigiero <mail at maciej.szmigiero.name>
---
pam/pam_cgm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/pam/pam_cgm.c b/pam/pam_cgm.c
index 0ba4f11..01e639c 100644
--- a/pam/pam_cgm.c
+++ b/pam/pam_cgm.c
@@ -843,7 +843,9 @@ int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc,
if (ret != PAM_SUCCESS) {
mysyslog(LOG_ERR, "cannot get handle data (%d)\n", ret);
return ret;
- } else
+ } else if (hd_ptr == NULL)
+ return PAM_SUCCESS;
+ else
hd = (struct handle_data *)hd_ptr;
if (!hd->session_open) {
More information about the lxc-devel
mailing list