PAM: Fix unchecked return value from zfs_key_config_load()

9a49c6b was intended to fix this issue, but I had missed the case in pam_sm_open_session(). Clang's static analyzer had not reported it and I forgot to look for other cases. Interestingly, GCC gcc-12.1.1_p20220625's static analyzer had caught this as multiple double-free bugs, since another failure after the failure in zfs_key_config_load() will cause us to attempt to free the memory that zfs_key_config_load() was supposed to allocate, but had cleaned up upon failure. Reviewed-by: Brian Behlendorf <[email protected]> Signed-off-by: Richard Yao <[email protected]> Closes openzfs#13978
openzfsonwindows · Oct 6, 2022 · f19f80f · f19f80f
1 parent 53c3ca1
commit f19f80f
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/contrib/pam_zfs_key/pam_zfs_key.c b/contrib/pam_zfs_key/pam_zfs_key.c
@@ -754,7 +754,10 @@ pam_sm_open_session(pam_handle_t *pamh, int flags,
 		return (PAM_SUCCESS);
 	}
 	zfs_key_config_t config;
-	zfs_key_config_load(pamh, &config, argc, argv);
+	if (zfs_key_config_load(pamh, &config, argc, argv) != 0) {
+		return (PAM_SESSION_ERR);
+	}
+
 	if (config.uid < 1000) {
 		zfs_key_config_free(&config);
 		return (PAM_SUCCESS);