Comment 0 for bug 1961459

These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this.

pam_adsys.c update_policy() arggv leak in fork() failure
pam_adsys.c update_machine_policy() arggv leak in fork() failure
pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to
work but I don't think that's how that API is supposed to be used
pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny

Thanks