libsemanage: avoid double fclose

The cleanup goto block in `semanage_direct_set_enabled()` closes the file stream pointer fp if not NULL. Set the stream to NULL after a manual fclose(3), even on failure. direct_api.c: In function ‘semanage_direct_set_enabled’: direct_api.c:2130:25: error: pointer ‘fp’ may be used after ‘fclose’ [-Werror=use-after-free] 2130 | if (fp != NULL) fclose(fp); | ^~~~~~~~~~ direct_api.c:2092:29: note: call to ‘fclose’ here 2092 | if (fclose(fp) != 0) { | ^~~~~~~~~~ Acked-by: James Carter <jwcart2@gmail.com> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
2025-01-17 02:40:53 +00:00 · 2022-04-08 15:10:54 +02:00 · 2022-04-08 15:10:54 +02:00 · e205e3e84a
commit e205e3e84a
parent 0aa974a439
1 changed files with 3 additions and 3 deletions
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage/src/direct_api.c
@ -2089,7 +2089,9 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
 				goto cleanup;
 			}

-			if (fclose(fp) != 0) {
+			ret = fclose(fp);
+			fp = NULL;
+			if (ret != 0) {
 				ERR(sh,
 				    "Unable to close disabled file for module %s",
 				    modkey->name);
@ -2097,8 +2099,6 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
 				goto cleanup;
 			}

-			fp = NULL;
-
 			break;
 		case 1: /* enable the module */
 			if (unlink(fn) < 0) {