journal_fdopen: free closure->journal_path on fdopen() error

millert · millert · commit 61c5a99f735e · 2025-11-11T17:15:21.000-07:00
If fdopen() fails, free and zero out closure->journal_path to clean up before returning. Other parts of logsrvd inspect closure->journal_path and use it to determine if journaling is being performed. Found by the ZeroPath AI Security Engineer <https://zeropath.com>
diff --git a/logsrvd/logsrvd_journal.c b/logsrvd/logsrvd_journal.c
@@ -78,6 +78,8 @@ journal_fdopen(int fd, const char *journal_path,
     if ((closure->journal = fdopen(fd, "r+")) == NULL) {
 	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO|SUDO_DEBUG_ERRNO,
 	    "unable to fdopen journal file %s", journal_path);
+	free(closure->journal_path);
+	closure->journal_path = NULL;
 	debug_return_bool(false);
     }
 

Original file line number	Diff line number	Diff line change
`@@ -78,6 +78,8 @@ journal_fdopen(int fd, const char *journal_path,`
`78`	`78`	`if ((closure->journal = fdopen(fd, "r+")) == NULL) {`
`79`	`79`	`sudo_debug_printf(SUDO_DEBUG_ERROR\|SUDO_DEBUG_LINENO\|SUDO_DEBUG_ERRNO,`
`80`	`80`	`"unable to fdopen journal file %s", journal_path);`
	`81`	`+ free(closure->journal_path);`
	`82`	`+ closure->journal_path = NULL;`
`81`	`83`	`debug_return_bool(false);`
`82`	`84`	`}`
`83`	`85`