PAM: Fix unchecked return value from zfs_key_config_load()

9a49c6b782443ba6e627f2261c45f082ad843094 was intended to fix this issue,
but I had missed the case in pam_sm_open_session(). Clang's static
analyzer had not reported it and I forgot to look for other cases.

Interestingly, GCC gcc-12.1.1_p20220625's static analyzer had caught
this as multiple double-free bugs, since another failure after the
failure in zfs_key_config_load() will cause us to attempt to free the
memory that zfs_key_config_load() was supposed to allocate, but had
cleaned up upon failure.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #13978

diff --git a/contrib/pam_zfs_key/pam_zfs_key.c b/contrib/pam_zfs_key/pam_zfs_key.c
index 8c59fc7eb716017d7b023e29d960f93cd1596097..e3fa9e9b2553b502c727027ae5f44e3db6145c32 100644 (file)
--- a/contrib/pam_zfs_key/pam_zfs_key.c
+++ b/contrib/pam_zfs_key/pam_zfs_key.c
@@ -754,7 +754,10 @@ pam_sm_open_session(pam_handle_t *pamh, int flags,
                return (PAM_SUCCESS);
        }
        zfs_key_config_t config;
-       zfs_key_config_load(pamh, &config, argc, argv);
+       if (zfs_key_config_load(pamh, &config, argc, argv) != 0) {
+               return (PAM_SESSION_ERR);
+       }
+
        if (config.uid < 1000) {
                zfs_key_config_free(&config);
                return (PAM_SUCCESS);