Merge branch 'hardlink' of https://github.com/rudimeier/util-linux into hardlink

[thirdparty/util-linux.git] / login-utils / vipw.c

diff --git a/login-utils/vipw.c b/login-utils/vipw.c
index 5999d8d15081d1d59333adfe2795935dc906ccd2..2502fcb4eab540814ce6c5d3dd9f8f4102d7d01c 100644 (file)
--- a/login-utils/vipw.c
+++ b/login-utils/vipw.c
@@ -100,6 +100,9 @@ static void copyfile(int from, int to)
 
        if (nr < 0)
                pw_error(orig_file, 1, 1);
+#ifdef HAVE_EXPLICIT_BZERO
+       explicit_bzero(buf, sizeof(buf));
+#endif
 }
 
 static void pw_init(void)
@@ -206,8 +209,7 @@ static void pw_edit(void)
 
        if (!pid) {
                execlp(editor, p, tmp_file, NULL);
-               /* Shouldn't get here */
-               _exit(EXIT_FAILURE);
+               errexec(editor);
        }
        for (;;) {
                pid = waitpid(pid, &pstat, WUNTRACED);
@@ -254,7 +256,7 @@ static void edit_file(int is_shadow)
        if (lckpwdf() < 0)
                err(EXIT_FAILURE, _("cannot get lock"));
 
-       passwd_file = open(orig_file, O_RDONLY, 0);
+       passwd_file = open(orig_file, O_RDONLY | O_CLOEXEC, 0);
        if (passwd_file < 0)
                err(EXIT_FAILURE, _("cannot open %s"), orig_file);
        tmp_fd = pw_tmpfile(passwd_file);
@@ -272,7 +274,7 @@ static void edit_file(int is_shadow)
        if (end.st_nlink == 0) {
                if (close_stream(tmp_fd) != 0)
                        err(EXIT_FAILURE, _("write error"));
-               tmp_fd = fopen(tmp_file, "r");
+               tmp_fd = fopen(tmp_file, "r" UL_CLOEXECSTR);
                if (!tmp_fd)
                        err(EXIT_FAILURE, _("cannot open %s"), tmp_file);
                if (fstat(fileno(tmp_fd), &end))