It's possible to end up unreferencing a kernel_interface object that has ->dirfd set to -1. This patch avoids calling close(2) on that fd. (close(-1) will just return EBADF anyway.)
Coverity CIDs #55996 and #55997 Signed-off-by: Steve Beattie <[email protected]> --- libraries/libapparmor/src/kernel_interface.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) Index: b/libraries/libapparmor/src/kernel_interface.c =================================================================== --- a/libraries/libapparmor/src/kernel_interface.c +++ b/libraries/libapparmor/src/kernel_interface.c @@ -285,7 +285,8 @@ void aa_kernel_interface_unref(aa_kernel { if (kernel_interface && atomic_dec_and_test(&kernel_interface->ref_count)) { - close(kernel_interface->dirfd); + if (kernel_interface->dirfd >= 0) + close(kernel_interface->dirfd); free(kernel_interface); } } -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
