[systemd-devel] [systemd PATCH 2/2] Fix file descriptor leak in efi_get_variable()

Fri Jan 25 04:59:43 PST 2013

Detected by cppcheck.

Signed-off-by: Thomas Jarosch <thomas.jarosch at intra2net.com>
---
 src/shared/efivars.c | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/src/shared/efivars.c b/src/shared/efivars.c
index d5cb88c..4402aec 100644
--- a/src/shared/efivars.c
+++ b/src/shared/efivars.c
@@ -53,30 +53,44 @@ int efi_get_variable(sd_id128_t vendor, const char *name, uint32_t *attribute, v
         if (fd < 0)
                 return -errno;
 
-        if (fstat(fd, &st) < 0)
+        if (fstat(fd, &st) < 0) {
+                close_nointr_nofail(fd);
                 return -errno;
-        if (st.st_size < 4)
+        }
+        if (st.st_size < 4) {
+                close_nointr_nofail(fd);
                 return -EIO;
-        if (st.st_size > 4*1024*1024 + 4)
+        }
+        if (st.st_size > 4*1024*1024 + 4) {
+                close_nointr_nofail(fd);
                 return -E2BIG;
+        }
 
         n = read(fd, &a, sizeof(a));
-        if (n < 0)
+        if (n < 0) {
+                close_nointr_nofail(fd);
                 return (int) n;
-        if (n != sizeof(a))
+        }
+        if (n != sizeof(a)) {
+                close_nointr_nofail(fd);
                 return -EIO;
+        }
 
         r = malloc(st.st_size - 4 + 2);
-        if (!r)
+        if (!r) {
+                close_nointr_nofail(fd);
                 return -ENOMEM;
+        }
 
         n = read(fd, r, (size_t) st.st_size - 4);
         if (n < 0) {
                 free(r);
+                close_nointr_nofail(fd);
                 return (int) -n;
         }
         if (n != (ssize_t) st.st_size - 4) {
                 free(r);
+                close_nointr_nofail(fd);
                 return -EIO;
         }
 
@@ -90,6 +104,7 @@ int efi_get_variable(sd_id128_t vendor, const char *name, uint32_t *attribute, v
         if (attribute)
                 *attribute = a;
 
+        close_nointr_nofail(fd);
         return 0;
 }
 
-- 
1.7.11.7

