Another patch will handle some of the fdopen error handling leaks that are combined with missing unlink calls when using mkstemp.
Index: games/atc/log.c =================================================================== RCS file: /cvs/src/games/atc/log.c,v retrieving revision 1.17 diff -u -p -d -r1.17 log.c --- games/atc/log.c 27 Oct 2009 23:59:23 -0000 1.17 +++ games/atc/log.c 11 Jul 2014 07:41:36 -0000 @@ -109,6 +109,7 @@ open_score_file(void) score_fp = fdopen(score_fd, "r+"); if (score_fp == NULL) { perror(_PATH_SCORE); + close(score_fd); return (-1); } umask(old_mode); Index: sbin/isakmpd/ike_auth.c =================================================================== RCS file: /cvs/src/sbin/isakmpd/ike_auth.c,v retrieving revision 1.110 diff -u -p -d -r1.110 ike_auth.c --- sbin/isakmpd/ike_auth.c 16 Apr 2007 13:01:39 -0000 1.110 +++ sbin/isakmpd/ike_auth.c 11 Jul 2014 07:41:36 -0000 @@ -299,12 +299,14 @@ ignorekeynote: if (check_file_secrecy_fd(fd, keyfile, &fsize)) { free(privkeyfile); + close(fd); return 0; } if ((keyfp = fdopen(fd, "r")) == NULL) { log_print("ike_auth_get_key: fdopen failed"); free(privkeyfile); + close(fd); return 0; } #if SSLEAY_VERSION_NUMBER >= 0x00904100L Index: usr.bin/finger/net.c =================================================================== RCS file: /cvs/src/usr.bin/finger/net.c,v retrieving revision 1.12 diff -u -p -d -r1.12 net.c --- usr.bin/finger/net.c 27 Oct 2009 23:59:38 -0000 1.12 +++ usr.bin/finger/net.c 11 Jul 2014 07:41:36 -0000 @@ -141,5 +141,8 @@ netfinger(name) } if (lastc != '\n') putchar('\n'); - (void)fclose(fp); + if (fp == NULL) + (void)close(s); + else + (void)fclose(fp); } Index: usr.bin/mandoc/mandocdb.c =================================================================== RCS file: /cvs/src/usr.bin/mandoc/mandocdb.c,v retrieving revision 1.111 diff -u -p -d -r1.111 mandocdb.c --- usr.bin/mandoc/mandocdb.c 21 Jun 2014 16:17:56 -0000 1.111 +++ usr.bin/mandoc/mandocdb.c 11 Jul 2014 07:41:37 -0000 @@ -1320,6 +1320,8 @@ parse_cat(struct mpage *mpage, int fd) fopen(mpage->mlinks->file, "r") : fdopen(fd, "r"); if (NULL == stream) { + if (-1 != fd) + close(fd); if (warnings) say(mpage->mlinks->file, "&fopen"); return; Index: usr.bin/ssh/ssh-keygen.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.c,v retrieving revision 1.249 diff -u -p -d -r1.249 ssh-keygen.c --- usr.bin/ssh/ssh-keygen.c 3 Jul 2014 03:47:27 -0000 1.249 +++ usr.bin/ssh/ssh-keygen.c 11 Jul 2014 07:41:37 -0000 @@ -953,12 +953,14 @@ do_gen_all_hostkeys(struct passwd *pw) f = fdopen(fd, "w"); if (f == NULL) { printf("fdopen %s failed\n", identity_file); + close(fd); key_free(public); first = 0; continue; } if (!key_write(public, f)) { fprintf(stderr, "write key failed\n"); + fclose(f); key_free(public); first = 0; continue; Index: usr.bin/uudecode/uudecode.c =================================================================== RCS file: /cvs/src/usr.bin/uudecode/uudecode.c,v retrieving revision 1.19 diff -u -p -d -r1.19 uudecode.c --- usr.bin/uudecode/uudecode.c 20 May 2014 01:25:23 -0000 1.19 +++ usr.bin/uudecode/uudecode.c 11 Jul 2014 07:41:37 -0000 @@ -290,6 +290,8 @@ decode2(void) if ((fd = open(outfile, flags, mode)) < 0 || (outfp = fdopen(fd, "w")) == NULL) { warn("%s: %s", infile, outfile); + if (fd != -1) + close(fd); return (1); } } Index: usr.sbin/lpr/lpd/printjob.c =================================================================== RCS file: /cvs/src/usr.sbin/lpr/lpd/printjob.c,v retrieving revision 1.52 diff -u -p -d -r1.52 printjob.c --- usr.sbin/lpr/lpd/printjob.c 7 Feb 2014 23:06:21 -0000 1.52 +++ usr.sbin/lpr/lpd/printjob.c 11 Jul 2014 07:41:38 -0000 @@ -804,8 +804,12 @@ sendit(char *file) /* open control file */ fd = safe_open(file, O_RDONLY|O_NOFOLLOW, 0); - if (fd < 0 || (cfp = fdopen(fd, "r")) == NULL) + if (fd < 0 || (cfp = fdopen(fd, "r")) == NULL) { + if (fd != -1) + close(fd); return(OK); + } + /* * read the control file for work to do * Index: usr.sbin/npppd/npppd/privsep.c =================================================================== RCS file: /cvs/src/usr.sbin/npppd/npppd/privsep.c,v retrieving revision 1.9 diff -u -p -d -r1.9 privsep.c --- usr.sbin/npppd/npppd/privsep.c 8 Feb 2013 12:35:52 -0000 1.9 +++ usr.sbin/npppd/npppd/privsep.c 11 Jul 2014 07:41:38 -0000 @@ -327,11 +327,15 @@ FILE * priv_fopen(const char *path) { int f; + FILE *fp; if ((f = priv_open(path, O_RDONLY, 0600)) < 0) return NULL; - - return fdopen(f, "r"); + if ((fp = fdopen(f, "r")) == NULL) { + close(f); + return NULL; + } else + return fp; } int Index: usr.sbin/smtpd/queue_api.c =================================================================== RCS file: /cvs/src/usr.sbin/smtpd/queue_api.c,v retrieving revision 1.5 diff -u -p -d -r1.5 queue_api.c --- usr.sbin/smtpd/queue_api.c 8 Jul 2014 15:45:32 -0000 1.5 +++ usr.sbin/smtpd/queue_api.c 11 Jul 2014 07:41:38 -0000 @@ -186,8 +186,12 @@ queue_msg_dispatch(void) } if (ifile) fclose(ifile); + else + close(imsg.fd); if (ofile) fclose(ofile); + else + close(fd); } imsg_compose(&ibuf, PROC_QUEUE_OK, 0, 0, -1, &r, sizeof(r));