git: 372f51eaf363 - stable/12 - Merge upstream r948: fix race condition in openpam_ttyconv(3).

From: Dag-Erling Smørgrav <des_at_FreeBSD.org>
Date: Tue, 27 Jun 2023 17:22:02 UTC 
The branch stable/12 has been updated by des:

URL: https://cgit.FreeBSD.org/src/commit/?id=372f51eaf3638036eddeac6710afa00d6582bea4

commit 372f51eaf3638036eddeac6710afa00d6582bea4
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2020-11-19 05:46:59 +0000
Commit:     Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2023-06-27 17:21:25 +0000

    Merge upstream r948: fix race condition in openpam_ttyconv(3).
    
    (cherry picked from commit a90c7d9aa82430454b3194d6750e0c0c748ac6dc)
---
 contrib/openpam/CREDITS                      |  1 +
 contrib/openpam/lib/libpam/openpam_ttyconv.c | 12 ++++++------
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/contrib/openpam/CREDITS b/contrib/openpam/CREDITS
index b40c9d3b4826..a560f9e12c1f 100644
--- a/contrib/openpam/CREDITS
+++ b/contrib/openpam/CREDITS
@@ -18,6 +18,7 @@ ideas:
 	Ankita Pal <pal.ankita.ankita@gmail.com>
 	Baptiste Daroussin <bapt@freebsd.org>
 	Brian Fundakowski Feldman <green@freebsd.org>
+	Brooks Davis <brooks@freebsd.org>
 	Christos Zoulas <christos@netbsd.org>
 	Daniel Richard G. <skunk@iskunk.org>
 	Darren J. Moffat <darren.moffat@sun.com>
diff --git a/contrib/openpam/lib/libpam/openpam_ttyconv.c b/contrib/openpam/lib/libpam/openpam_ttyconv.c
index 8066b3b67298..1a50f1c99639 100644
--- a/contrib/openpam/lib/libpam/openpam_ttyconv.c
+++ b/contrib/openpam/lib/libpam/openpam_ttyconv.c
@@ -94,12 +94,6 @@ prompt_tty(int ifd, int ofd, const char *message, char *response, int echo)
 	int pos, ret;
 	char ch;
 
-	/* write prompt */
-	if (write(ofd, message, strlen(message)) < 0) {
-		openpam_log(PAM_LOG_ERROR, "write(): %m");
-		return (-1);
-	}
-
 	/* turn echo off if requested */
 	slflag = 0; /* prevent bogus uninitialized variable warning */
 	if (!echo) {
@@ -115,6 +109,12 @@ prompt_tty(int ifd, int ofd, const char *message, char *response, int echo)
 		}
 	}
 
+	/* write prompt */
+	if (write(ofd, message, strlen(message)) < 0) {
+		openpam_log(PAM_LOG_ERROR, "write(): %m");
+		return (-1);
+	}
+
 	/* install signal handlers */
 	caught_signal = 0;
 	action.sa_handler = &catch_signal;