Hello,

This diff fixes a file descriptor leak in authpf.c.
The function allowed_luser() is called only once,
directly from main(), but I think it should be
consistent.
I have only compiled the sources; I could not test
the code path.

bye,
Jan

Index: authpf.c
===================================================================
RCS file: /mount/cvsdev/cvs/openbsd/src/usr.sbin/authpf/authpf.c,v
retrieving revision 1.115
diff -u -w -p -r1.115 authpf.c
--- authpf.c    2 Sep 2010 14:01:04 -0000       1.115
+++ authpf.c    18 Jan 2012 09:13:49 -0000
@@ -523,6 +523,7 @@ allowed_luser(struct passwd *pw)
                                            "invalid group '%s' in %s (%s)",
                                            buf + 1, PATH_ALLOWFILE,
                                            strerror(errno));
+                                       fclose(f);
                                        return (0);
                                }

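Review bot: The early `return (0)` after the failed group lookup now closes `f`, but any line buffer allocated for the current iteration is still not released on this path. Hunk 2 shows `lbuf` being reset to `NULL` later in the loop, which suggests it can hold a heap allocation at this point. If so, add `free(lbuf);` next to the new `fclose(f);` so this exit releases everything the loop acquired. The loop and the allocation are outside this hunk, so this needs confirming against the full function.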
@@ -549,9 +550,11 @@ allowed_luser(struct passwd *pw)
                                lbuf = NULL;
                        }

-                       if (matched)
+                       if (matched) {
+                               fclose(f);
return (1); /* matched an allowed user/group */
                }
+               }
                syslog(LOG_INFO, "denied access to %s: not listed in %s",
                    pw->pw_name, PATH_ALLOWFILE);

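Review bot: The matched case gets its own braces and a second `fclose(f);` only because the loop returns from the middle; together with hunks 1 and 3 that makes three exits that each have to remember the close. Leaving the loop with `if (matched) break;` and then doing `fclose(f);` followed by `if (matched) return (1);` directly after the loop would give a single close for both the match and the deny path. As posted, the diff was made with `-w`, so the `return (1);` line would still need re-indenting under the new brace before commit. The loop header is outside this hunk.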
@@ -560,6 +563,7 @@ allowed_luser(struct passwd *pw)
                fputs(buf, stdout);
        }
        fflush(stdout);
+       fclose(f);
        return (0);
 }

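Review bot: This `fclose(f);` is added at function scope, after the closing brace that follows `fputs(buf, stdout);`, so it is correct only while every path reaching the end of the function has a successfully opened `f`. Calling `fclose()` on a null stream is undefined behaviour. The open call and its failure branch are outside the hunk, so that cannot be checked here. Placing the call inside the block, before that `}`, ties the close to the scope that owns the stream and stays safe if the failure branch is ever changed to fall through.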