[apparmor] [patch] libapparmor: don't close invalid fd
Steve Beattie
steve at nxnw.org
Fri Mar 18 17:42:09 UTC 2016
It's possible to end up unreferencing a kernel_interface object that has
->dirfd set to -1. This patch avoids calling close(2) on that fd.
(close(-1) will just return EBADF anyway.)
Coverity CIDs #55996 and #55997
Signed-off-by: Steve Beattie <steve at nxnw.org>
---
libraries/libapparmor/src/kernel_interface.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Index: b/libraries/libapparmor/src/kernel_interface.c
===================================================================
--- a/libraries/libapparmor/src/kernel_interface.c
+++ b/libraries/libapparmor/src/kernel_interface.c
@@ -285,7 +285,8 @@ void aa_kernel_interface_unref(aa_kernel
{
if (kernel_interface &&
atomic_dec_and_test(&kernel_interface->ref_count)) {
- close(kernel_interface->dirfd);
+ if (kernel_interface->dirfd >= 0)
+ close(kernel_interface->dirfd);
free(kernel_interface);
}
}
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160318/e9a17a6d/attachment-0001.pgp>
More information about the AppArmor
mailing list