On Thu, Jan 03, 2019 at 05:31:13AM -0800, Li Qiang wrote:
> Spotted by Coverity: CID 1397070

> diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
> index b19b576278..666bafd9e8 100644
> --- a/hw/usb/dev-mtp.c
> +++ b/hw/usb/dev-mtp.c
> @@ -666,6 +666,7 @@ static void usb_mtp_object_readdir(MTPState *s, MTPObject 
> *o)
>      }
>      dir = fdopendir(fd);
>      if (!dir) {
> +        close(fd);
>          return;
>      }

Ok, clearly a bug.

>  #ifdef CONFIG_INOTIFY1
> @@ -682,6 +683,7 @@ static void usb_mtp_object_readdir(MTPState *s, MTPObject 
> *o)
>          usb_mtp_add_child(s, o, entry->d_name);
>      }
>      closedir(dir);
> +    close(fd);
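
Review bot: the close(fd) added after closedir(dir) is a double close and should be dropped. dir comes from fdopendir(fd) earlier in the function, and once fdopendir() has succeeded the descriptor belongs to the directory stream, so closedir(dir) already closes it. The second close() will at best fail with EBADF; in a multi-threaded process the descriptor number can be reused between the two calls, and the extra close() then closes an unrelated file. Keep only the close(fd) on the fdopendir() failure path from the first hunk and treat the Coverity report for this line as a false positive.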

Not fully sure this is correct.

The fdopendir manpage says the app should not use fd any more after
successfully calling fdopendir(), and I assumed that includes calling
close().  But I've seen the Coverity message warning this one too, so
maybe I'm wrong ...

cheers,
  Gerd

