about summary refs log tree commit diff
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2014-06-06 03:17:47 -0400
committerRich Felker <dalias@aerifal.cx>2014-06-06 03:17:47 -0400
commit60158bff74e478a8031f618ea5e0546bf41a3523 (patch)
tree87bcb18c9d4efa3410579d9467b40047f7a91ca3
parent2abb70c302efe46dfd8fd9e1d64fa00f1376f428 (diff)
downloadmusl-60158bff74e478a8031f618ea5e0546bf41a3523.tar.gz
musl-60158bff74e478a8031f618ea5e0546bf41a3523.tar.xz
musl-60158bff74e478a8031f618ea5e0546bf41a3523.zip
fix fd leak in tmpfile when the fdopen operation fails
this condition could only happen due to malloc failure.

the fdopen operation is also moved to take place after the unlink to
minimize the window during which a link to the file exists in the
directory table.
-rw-r--r--src/stdio/tmpfile.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/stdio/tmpfile.c b/src/stdio/tmpfile.c
index a7d0000a..525090aa 100644
--- a/src/stdio/tmpfile.c
+++ b/src/stdio/tmpfile.c
@@ -16,12 +16,13 @@ FILE *tmpfile(void)
 		__randname(s+13);
 		fd = sys_open(s, O_RDWR|O_CREAT|O_EXCL, 0600);
 		if (fd >= 0) {
-			f = __fdopen(fd, "w+");
 #ifdef SYS_unlink
 			__syscall(SYS_unlink, s);
 #else
 			__syscall(SYS_unlinkat, AT_FDCWD, s, 0);
 #endif
+			f = __fdopen(fd, "w+");
+			if (!f) __syscall(SYS_close, fd);
 			return f;
 		}
 	}