From: Christian Göttsche <cgzones@googlemail.com>
Date: Mon, 11 Dec 2023 16:18:38 +0000 (+0100)
Subject: lib/utmp: merge file access
X-Git-Tag: 4.15.0-rc1~80
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7f20bb88ad8ec78d64cb2d02f22165a697367d48;p=thirdparty%2Fshadow.git

lib/utmp: merge file access

Avoid checking if the file exists before opening it.

Resolves a CodeQL report of Time-of-check time-of-use filesystem race
condition.
---

diff --git a/lib/utmp.c b/lib/utmp.c
index dabe8b2e8..6acd196f0 100644
--- a/lib/utmp.c
+++ b/lib/utmp.c
@@ -85,15 +85,13 @@ static void failtmp (const char *username, const struct utmp *failent)
 	 * feature to be used.
 	 */
 
-	if (access (ftmp, F_OK) != 0) {
-		return;
-	}
-
 	fd = open (ftmp, O_WRONLY | O_APPEND);
 	if (-1 == fd) {
-		SYSLOG ((LOG_WARN,
-		         "Can't append failure of user %s to %s.",
-		         username, ftmp));
+		if (errno != ENOENT) {
+			SYSLOG ((LOG_WARN,
+			        "Can't append failure of user %s to %s: %m",
+			        username, ftmp));
+		}
 		return;
 	}