colin/buffybox
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

unl0kr-agent: check exit code of a child process

Browse Source 
If the call to execv() is failed (/usr/bin/unl0kr is absent, for example), the child process will exit with EXIT_FAILURE.
But since the agent does not check the exit code, it will not notice the problem and will return an empty password to systemd.
When the password is used to unlock a PKCS#11 or FIDO2 token, we can waste a limited number of tries or lock the token entirely.
The patch adds a check to avoid this sutuation.
This commit is contained in:
Vladimir Stoiakin
2025-05-06 15:03:58 +03:00
parent 1103aa224f
commit d8214b522a
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
unl0kr/unl0kr-agent.c
View File

@@ -458,9 +458,9 @@ int exec_unl0kr(char** ret_password)
goto exit2;
}
if (!WIFEXITED(status)) {
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
ret = ECHILD;
fprintf(stderr, "unl0kr terminated abnormally\n");
fprintf(stderr, "unl0kr is failed\n");
goto exit2;
}