root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

RAND_write_file(): Avoid potential file descriptor leak 

If fdopen() call fails we need to close the fd. Also
return early as this is most likely some fatal error.

Fixes #25064

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25081)

(cherry picked from commit d604834439)
This commit is contained in:
shridhar kalavagunta 2024-08-04 16:04:53 -05:00 committed by Tomas Mraz
parent 4cf3cbe52c
commit 283960be9d
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
crypto/rand/randfile.c
View File

@ -208,8 +208,16 @@ int RAND_write_file(const char *file)
* should be restrictive from the start * should be restrictive from the start
*/ */
int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600); int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600);
if (fd != -1)
if (fd != -1) {
out = fdopen(fd, "wb"); out = fdopen(fd, "wb");
if (out == NULL) {
close(fd);
ERR_raise_data(ERR_LIB_RAND, RAND_R_CANNOT_OPEN_FILE,
"Filename=%s", file);
return -1;
}
}
} }
#endif #endif