From 994b3295c2b9fb16c1f61f4a03518483a51a7872 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Fri, 11 Jun 2021 15:10:22 +0200
Subject: [PATCH] newgrp: fix memory leak [coverity scan]

Signed-off-by: Karel Zak <kzak@redhat.com>
---
 login-utils/newgrp.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/login-utils/newgrp.c b/login-utils/newgrp.c
index 2c0aab114..2acbc9107 100644
--- a/login-utils/newgrp.c
+++ b/login-utils/newgrp.c
@@ -123,7 +123,7 @@ static int allow_setgid(const struct passwd *pe, const struct group *ge)
 {
 	char **look;
 	int notfound = 1;
-	char *pwd, *xpwd;
+	char *pwd, *xpwd, *spwd;
 
 	if (getuid() == 0)
 		/* root may do anything */
@@ -144,8 +144,8 @@ static int allow_setgid(const struct passwd *pe, const struct group *ge)
 	 * as in /etc/passwd */
 
 	/* check /etc/gshadow */
-	if (!(pwd = get_gshadow_pwd(ge->gr_name)))
-		pwd = ge->gr_passwd;
+	spwd = get_gshadow_pwd(ge->gr_name);
+	pwd = spwd ? spwd : ge->gr_passwd;
 
 	if (pwd && *pwd && (xpwd = xgetpass(stdin, _("Password: ")))) {
 		char *cbuf = crypt(xpwd, pwd);
@@ -162,6 +162,8 @@ static int allow_setgid(const struct passwd *pe, const struct group *ge)
 			return TRUE;
 	}
 
+	free(spwd);
+
 	/* default to denial */
 	return FALSE;
 }