From: Dmitry V. Levin Date: Fri, 24 Jan 2014 13:38:38 +0000 (+0000) Subject: pam_xauth: avoid potential SIGPIPE when writing to xauth process X-Git-Tag: Linux-PAM-1_2_0~50 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=47db675c910a065fa9602753a904b050b0322f29;p=linux-pam pam_xauth: avoid potential SIGPIPE when writing to xauth process Similar issue in pam_unix was fixed by commit Linux-PAM-0-73~8. * modules/pam_xauth/pam_xauth.c (run_coprocess): In the parent process, close the read end of input pipe after writing to its write end. --- diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index 70755475..c7ce55ab 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -179,12 +179,12 @@ run_coprocess(pam_handle_t *pamh, const char *input, char **output, } /* We're the parent, so close the other ends of the pipes. */ - close(ipipe[0]); close(opipe[1]); /* Send input to the process (if we have any), then send an EOF. */ if (input) { (void)pam_modutil_write(ipipe[1], input, strlen(input)); } + close(ipipe[0]); /* close here to avoid possible SIGPIPE above */ close(ipipe[1]); /* Read data output until we run out of stuff to read. */