From 71a3238b7996285fc3c8dec841244ba95d663fa5 Mon Sep 17 00:00:00 2001
From: Alejandro Colomar
Date: Fri, 17 May 2024 02:15:15 +0200
Subject: [PATCH] src/usermod.c: update_gshadow_file(): Fix RESOURCE_LEAK (CWE-772)

Report:
> shadow-4.15.0/src/usermod.c:864:3: alloc_fn: Storage is returned from allocation function "__sgr_dup".
> shadow-4.15.0/src/usermod.c:864:3: var_assign: Assigning: "nsgrp" = storage returned from "__sgr_dup(sgrp)".
> shadow-4.15.0/src/usermod.c:964:1: leaked_storage: Variable "nsgrp" going out of scope leaks the storage it points to.
> 962| free (nsgrp);
> 963| }
> 964|-> }
> 965| #endif /* SHADOWGRP */
> 966|

Link: https://issues.redhat.com/browse/RHEL-35383
Reported-by: Iker Pedrosa
Signed-off-by: Alejandro Colomar
---
 src/usermod.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/usermod.c b/src/usermod.c
index e0cfdd837..bb5d35355 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -921,9 +921,8 @@ update_gshadow_file(void)
 SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'", user_newname, nsgrp->sg_name));
 }
- if (!changed) {
- continue;
- }
+ if (!changed)
+ goto free_nsgrp;
 changed = false;
@@ -939,6 +938,7 @@ update_gshadow_file(void)
 fail_exit (E_GRP_UPDATE);
 }
+free_nsgrp:
 free (nsgrp);
 }
 }
-- 
2.47.3
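Review bot: The new `if (!changed)` guard in the first hunk drops the braces that the removed lines had, so the `goto free_nsgrp;` is now an unbraced single-statement body. In a privileged tool that rewrites gshadow, a statement later added or duplicated under that `if` would run unconditionally and could skip or force the update; keeping the braces, `if (!changed) { goto free_nsgrp; }`, costs nothing. The enclosing loop starts outside the hunk.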
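Review bot: The `free_nsgrp:` label added in the second hunk carries no comment saying that it is the one place where the `__sgr_dup()` copy is released, so a later `continue` added to this loop would silently reintroduce the leak from the report. A line such as `/* Every path that holds nsgrp must leave the iteration through here. */` above the label would document that. The loop body begins outside the hunk, so any other `continue` between the `__sgr_dup()` call and this label could not be checked from here and is worth confirming. The `fail_exit (E_GRP_UPDATE)` path just above also bypasses the free, which is presumably acceptable because it terminates the process.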