Source: nn Version: 6.7.3-14 Severity: normal Tags: patch Dear Maintainer,
>From 15ca216311a1cc157e627cd0207a8a4422e322f4 Mon Sep 17 00:00:00 2001 >From: Bjarni Ingi Gislason <[email protected]> >Date: Thu, 1 Apr 2021 02:53:22 +0000 >Subject: [PATCH] nntp.c: close the file "resolv" to avoid leaking The compiler option "-fanalyzer" shows: nntp.c: In function 'set_domain': nntp.c:957:1: warning: leak of FILE 'resolv' [CWE-775] [-Wanalyzer-file-leak] 957 | } | ^ ... Signed-off-by: Bjarni Ingi Gislason <[email protected]> --- nntp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/nntp.c b/nntp.c index a320df4..66064b6 100644 --- a/nntp.c +++ b/nntp.c @@ -942,6 +942,7 @@ set_domain(void) break; } } + fclose(resolv); } if (domain[0] == '\0') nn_exitmsg(1, "hostname=%s, You need a fully qualified domain name", host_name); -- 2.30.2 -- System Information: Debian Release: bullseye/sid APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.24-1 (SMP w/2 CPU threads) Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) -- debconf information excluded -- Bjarni I. Gislason
