lib/krb5_wrap: Fix leaking using mkstemp
authorNoel Power <noel.power@suse.com>
Tue, 2 Jul 2019 08:29:47 +0000 (09:29 +0100)
committerNoel Power <npower@samba.org>
Wed, 3 Jul 2019 08:55:23 +0000 (08:55 +0000)
commit: 8b92539997a9df8e0d217790fd82fc8f59ea50cc introduced a leak
by replacing mktemp with mkstemp (mkstemp returns an open fd)

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
lib/krb5_wrap/krb5_samba.c

index 37257dd..72889ff 100644 (file)
@@ -2001,6 +2001,7 @@ krb5_error_code smb_krb5_kinit_keyblock_ccache(krb5_context ctx,
        char tmp_name[sizeof(SMB_CREDS_KEYTAB)];
        krb5_keytab_entry entry;
        krb5_keytab keytab;
+       int tmpfd;
        mode_t mask;
 
        memset(&entry, 0, sizeof(entry));
@@ -2009,11 +2010,13 @@ krb5_error_code smb_krb5_kinit_keyblock_ccache(krb5_context ctx,
 
        memcpy(tmp_name, SMB_CREDS_KEYTAB, sizeof(SMB_CREDS_KEYTAB));
        mask = umask(S_IRWXO | S_IRWXG);
-       mkstemp(tmp_name);
+       tmpfd = mkstemp(tmp_name);
        umask(mask);
-       if (tmp_name[0] == 0) {
+       if (tmpfd == -1) {
+               DBG_ERR("Failed to mkstemp %s\n", tmp_name);
                return KRB5_KT_BADNAME;
        }
+       close(tmpfd);
        code = krb5_kt_resolve(ctx, tmp_name, &keytab);
        if (code) {
                return code;