On Fri, May 05, 2023 at 11:00:12AM -0600, Todd C. Miller wrote:
> This looks OK but I'd like to see an error message if waitpid()
> really does fail. How about something like this, which also avoid
> needing the extra variable?
Yes, looks much better!
Index: local_passwd.c
===================================================================
RCS file: /cvs/src/usr.bin/passwd/local_passwd.c,v
retrieving revision 1.63
diff -u -p -u -p -r1.63 local_passwd.c
--- local_passwd.c 10 Feb 2022 13:06:46 -0000 1.63
+++ local_passwd.c 5 May 2023 17:03:43 -0000
@@ -217,7 +217,7 @@ getnewpasswd(struct passwd *pw, login_ca
continue;
}
- if ((tries++ < pwd_tries || pwd_tries == 0) &&
+ if ((pwd_tries == 0 || tries++ < pwd_tries) &&
pwd_check(lc, p) == 0)
continue;
p = readpassphrase("Retype new password:", repeat,
sizeof(repeat),
Index: pwd_check.c
===================================================================
RCS file: /cvs/src/usr.bin/passwd/pwd_check.c,v
retrieving revision 1.17
diff -u -p -u -p -r1.17 pwd_check.c
--- pwd_check.c 28 Aug 2021 06:46:49 -0000 1.17
+++ pwd_check.c 5 May 2023 17:03:43 -0000
@@ -114,6 +114,8 @@ pwd_check(login_cap_t *lc, char *passwor
switch (child = fork()) {
case -1:
warn("fork");
+ close(pipefds[0]);
+ close(pipefds[1]);
goto out;
case 0:
(void)signal(SIGINT, SIG_DFL);
@@ -184,8 +186,10 @@ pwd_check(login_cap_t *lc, char *passwor
/* get the return value from the child */
while (waitpid(child, &res, 0) == -1) {
- if (errno != EINTR)
- break;
+ if (errno != EINTR) {
+ warn("waitpid");
+ goto out;
+ }
}
if (WIFEXITED(res) && WEXITSTATUS(res) == 0) {
free(checker);
