From: Thibault Godouet <yo8192@users.noreply.github.com>
Date: Sat, 13 Nov 2004 19:44:01 +0000 (+0000)
Subject: fix several security vulnerabilities found by iDEFENSE in fcronsighup
X-Git-Tag: ver2_9_5_1~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=aa3ee531acb3800be5a266085d69853e2d49f353;p=thirdparty%2Ffcron.git

fix several security vulnerabilities found by iDEFENSE in fcronsighup
(close fcron.allow and fcron.deny files after use)
---

diff --git a/allow.c b/allow.c
index 20ab4c1..555712b 100644
--- a/allow.c
+++ b/allow.c
@@ -22,7 +22,7 @@
  *  `LICENSE' that comes with the fcron source distribution.
  */
 
- /* $Id: allow.c,v 1.13 2003-12-25 22:52:55 thib Exp $ */
+ /* $Id: allow.c,v 1.14 2004-11-13 19:44:01 thib Exp $ */
 
 #include "fcrontab.h"
 
@@ -56,12 +56,17 @@ in_file(char *str, char *file)
 	    continue;
 	remove_blanks(start);
 
-	if ( strcmp(str, start) == 0 )
+	if ( strcmp(str, start) == 0 ) {
+	    fclose(f);
 	    return 1;
-	if ( strcmp(start, "all") == 0 )
+	}
+	if ( strcmp(start, "all") == 0 ) {
+	    fclose(f);
 	    return 2;
+	}
     }
 
+    fclose(f);
     /* if execution gets here, string is not in file */
     return 0;