wget/src-utils.c-open_stat-Fix-RESOURCE-LEAK-found-by-Cov.patch

From c045cdded4e3850724d8bb3a655852948e62c0df Mon Sep 17 00:00:00 2001
From: Tomas Hozza <thozza@redhat.com>
Date: Thu, 2 Aug 2018 13:49:52 +0200
Subject: [PATCH 20/83] * src/utils.c (open_stat): Fix RESOURCE LEAK found by
 Coverity

Error: RESOURCE_LEAK (CWE-772):
wget-1.19.5/src/utils.c:914: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]
wget-1.19.5/src/utils.c:914: var_assign: Assigning: "fd" = handle returned from "open(fname, flags, mode)".
wget-1.19.5/src/utils.c:921: noescape: Resource "fd" is not freed or pointed-to in "fstat". [Note: The source code implementation of the function has been overridden by a builtin model.]
wget-1.19.5/src/utils.c:924: leaked_handle: Handle variable "fd" going out of scope leaks the handle.
\#  922|     {
\#  923|       logprintf (LOG_NOTQUIET, _("Failed to stat file %s, error: %s\n"), fname, strerror(errno));
\#  924|->     return -1;
\#  925|     }
\#  926|   #if !(defined(WINDOWS) || defined(__VMS))

This seems to be a real issue, since the opened file descriptor in "fd"
would leak. There is also additional check below the "fstat" call, which
closes the opened "fd".

Signed-off-by: Tomas Hozza <thozza@redhat.com>
---
 src/utils.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/utils.c b/src/utils.c
index 0cb905ad..c6258083 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -924,6 +924,7 @@ open_stat(const char *fname, int flags, mode_t mode, file_stats_t *fstats)
   if (fstat (fd, &fdstats) == -1)
   {
     logprintf (LOG_NOTQUIET, _("Failed to stat file %s, error: %s\n"), fname, strerror(errno));
+    close (fd);
     return -1;
   }
 #if !(defined(WINDOWS) || defined(__VMS))
-- 
2.19.1
Package init 2019-09-30 11:19:50 -04:00			`From c045cdded4e3850724d8bb3a655852948e62c0df Mon Sep 17 00:00:00 2001`
			`From: Tomas Hozza <thozza@redhat.com>`
			`Date: Thu, 2 Aug 2018 13:49:52 +0200`
			`Subject: [PATCH 20/83] * src/utils.c (open_stat): Fix RESOURCE LEAK found by`
			`Coverity`

			`Error: RESOURCE_LEAK (CWE-772):`
			`wget-1.19.5/src/utils.c:914: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.]`
			`wget-1.19.5/src/utils.c:914: var_assign: Assigning: "fd" = handle returned from "open(fname, flags, mode)".`
			`wget-1.19.5/src/utils.c:921: noescape: Resource "fd" is not freed or pointed-to in "fstat". [Note: The source code implementation of the function has been overridden by a builtin model.]`
			`wget-1.19.5/src/utils.c:924: leaked_handle: Handle variable "fd" going out of scope leaks the handle.`
			`\# 922\| {`
			`\# 923\| logprintf (LOG_NOTQUIET, _("Failed to stat file %s, error: %s\n"), fname, strerror(errno));`
			`\# 924\|-> return -1;`
			`\# 925\| }`
			`\# 926\| #if !(defined(WINDOWS) \|\| defined(__VMS))`

			`This seems to be a real issue, since the opened file descriptor in "fd"`
			`would leak. There is also additional check below the "fstat" call, which`
			`closes the opened "fd".`

			`Signed-off-by: Tomas Hozza <thozza@redhat.com>`
			`---`
			`src/utils.c \| 1 +`
			`1 file changed, 1 insertion(+)`

			`diff --git a/src/utils.c b/src/utils.c`
			`index 0cb905ad..c6258083 100644`
			`--- a/src/utils.c`
			`+++ b/src/utils.c`
			`@@ -924,6 +924,7 @@ open_stat(const char fname, int flags, mode_t mode, file_stats_t fstats)`
			`if (fstat (fd, &fdstats) == -1)`
			`{`
			`logprintf (LOG_NOTQUIET, _("Failed to stat file %s, error: %s\n"), fname, strerror(errno));`
			`+ close (fd);`
			`return -1;`
			`}`
			`#if !(defined(WINDOWS) \|\| defined(__VMS))`
			`--`
			`2.19.1`