[apparmor] [patch] libapparmor: don't close invalid fd
Tyler Hicks
tyhicks at canonical.com
Fri Mar 18 21:25:19 UTC 2016
On 2016-03-18 10:42:09, Steve Beattie wrote:
> It's possible to end up unreferencing a kernel_interface object that has
> ->dirfd set to -1. This patch avoids calling close(2) on that fd.
> (close(-1) will just return EBADF anyway.)
>
> Coverity CIDs #55996 and #55997
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Acked-by: Tyler Hicks <tyhicks at canonical.com>
Thanks!
> ---
> libraries/libapparmor/src/kernel_interface.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> Index: b/libraries/libapparmor/src/kernel_interface.c
> ===================================================================
> --- a/libraries/libapparmor/src/kernel_interface.c
> +++ b/libraries/libapparmor/src/kernel_interface.c
> @@ -285,7 +285,8 @@ void aa_kernel_interface_unref(aa_kernel
> {
> if (kernel_interface &&
> atomic_dec_and_test(&kernel_interface->ref_count)) {
> - close(kernel_interface->dirfd);
> + if (kernel_interface->dirfd >= 0)
> + close(kernel_interface->dirfd);
> free(kernel_interface);
> }
> }
>
> --
> Steve Beattie
> <sbeattie at ubuntu.com>
> http://NxNW.org/~steve/
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160318/2164c032/attachment.pgp>
More information about the AppArmor
mailing list