From f060c2bc85d59d111fa18a12eb3872ee4b9f7e97 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 18 Feb 2021 10:33:58 +1100
Subject: don't free string returned by login_getcapstr(3)

OpenBSD and NetBSD require the caller to free strings returned
bu the login_* functions, but FreeBSD requires that callers don't.

Fortunately in this case, we can harmlessly leak as the process is
about to exec the shell/command.

From https://reviews.freebsd.org/D28617 via Ed Maste; ok dtucker@
---
 session.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/session.c b/session.c
index e63fc472..4b155f91 100644
--- a/session.c
+++ b/session.c
@@ -1287,11 +1287,8 @@ do_nologin(struct passwd *pw)
 		return;
 	nl = def_nl;
 #endif
-	if (stat(nl, &sb) == -1) {
-		if (nl != def_nl)
-			free(nl);
+	if (stat(nl, &sb) == -1)
 		return;
-	}
 
 	/* /etc/nologin exists.  Print its contents if we can and exit. */
 	logit("User %.100s not allowed because %s exists", pw->pw_name, nl);
-- 
cgit v1.2.3