Source: nn
Version: 6.7.3-14
Severity: normal
Tags: patch
Dear Maintainer,
>From 35eacc5e3ac83d71a22139bc8bd52fb43316a47c Mon Sep 17 00:00:00 2001
>From: Bjarni Ingi Gislason <bjarn...@rhi.hi.is>
>Date: Thu, 1 Apr 2021 23:47:36 +0000
>Subject: [PATCH] nntp.c: close the file pointer "in" before returning
The compiler option "-fanalyzer" shows:
nntp.c:1726:9: warning: leak of FILE 'in' [CWE-775] [-Wanalyzer-file-leak]
1726 | return 1;
| ^
...
| 1716 | FILE *in = fopen(temp_file, "r");
Signed-off-by: Bjarni Ingi Gislason <bjarn...@rhi.hi.is>
---
nntp.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/nntp.c b/nntp.c
index 66064b6..07d7420 100644
--- a/nntp.c
+++ b/nntp.c
@@ -1723,8 +1723,10 @@ nntp_post(char *temp_file)
sprintf(delayed_msg, "Posting failed because we couldn't re-open file
%s.", temp_file);
return 1;
}
- if (!is_connected && connect_server() < 0)
+ if (!is_connected && connect_server() < 0) {
+ fclose(in);
return 1;
+ }
switch (n = ask_server("POST")) {
case CONT_POST:
--
2.30.2
-- System Information:
Debian Release: bullseye/sid
APT prefers testing-security
APT policy: (500, 'testing-security'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.24-1 (SMP w/2 CPU threads)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1),
LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
-- debconf information excluded
--
Bjarni I. Gislason
