summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRolf Eike Beer <[email protected]>2018-10-13 14:03:34 +0200
committerRolf Eike Beer <[email protected]>2018-10-31 12:34:20 +0100
commitfcbcf0f1bdfab2597b4e2844688c53f40f05b59c (patch)
treef86f4a672814d8780159d996386d93d3f1c08bef
parent45c0f6d3175bebbcfd36558ca3f4c654288bf033 (diff)
do not use buffered file IO
This is not necessary here. Additionally we can use O_CLOEXEC to make sure the file descriptors are not leaked by accident. Differential Revision: https://phabricator.kde.org/D13100
-rw-r--r--pam_kwallet.c22
1 files changed, 14 insertions, 8 deletions
diff --git a/pam_kwallet.c b/pam_kwallet.c
index bc7a90f..92b4d4e 100644
--- a/pam_kwallet.c
+++ b/pam_kwallet.c
@@ -16,6 +16,7 @@
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA *
*************************************************************************************/
+#include <fcntl.h>
#include <gcrypt.h>
#include <stdio.h>
#include <signal.h>
@@ -692,16 +693,21 @@ static void createNewSalt(pam_handle_t *pamh, const char *path, struct passwd *u
free(dir);
char *salt = gcry_random_bytes(KWALLET_PAM_SALTSIZE, GCRY_STRONG_RANDOM);
- FILE *fd = fopen(path, "w");
+ const int fd = open(path, O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0600);
//If the file can't be created
- if (fd == NULL) {
+ if (fd == -1) {
syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno));
exit(-2);
}
- fwrite(salt, KWALLET_PAM_SALTSIZE, 1, fd);
- fclose(fd);
+ const ssize_t wlen = write(fd, salt, KWALLET_PAM_SALTSIZE);
+ close(fd);
+ if (wlen != KWALLET_PAM_SALTSIZE) {
+ syslog(LOG_ERR, "%s: Short write to file: %s", logPrefix, path);
+ unlink(path);
+ exit(-2);
+ }
exit(0); // success
} else {
@@ -746,8 +752,8 @@ static int readSaltFile(pam_handle_t *pamh, char *path, struct passwd *userInfo,
exit(-1);
}
- FILE *fd = fopen(path, "r");
- if (fd == NULL) {
+ const int fd = open(path, O_RDONLY | O_CLOEXEC);
+ if (fd == -1) {
syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno));
free(path);
close(readSaltPipe[1]);
@@ -755,8 +761,8 @@ static int readSaltFile(pam_handle_t *pamh, char *path, struct passwd *userInfo,
}
free(path);
char salt[KWALLET_PAM_SALTSIZE] = {};
- const int bytesRead = fread(salt, 1, KWALLET_PAM_SALTSIZE, fd);
- fclose(fd);
+ const ssize_t bytesRead = read(fd, salt, KWALLET_PAM_SALTSIZE);
+ close(fd);
if (bytesRead != KWALLET_PAM_SALTSIZE) {
syslog(LOG_ERR, "%s: Couldn't read the full salt file contents from file. %d:%d", logPrefix, bytesRead, KWALLET_PAM_SALTSIZE);
exit(-1);