ntp_crypto.c:

  resource leak (fd/mem): fclose() streams on error (Coverity NetBSD scan CID 2055)

bk: 441bd1de45vh-E99S6vbFk7n_ayqvA

diff --git a/ntpd/ntp_crypto.c b/ntpd/ntp_crypto.c
index f0aa1b9093adb5c4912d2147f657fe2426cad33b..b1351423c44864db933850a7c9ff8a94b2497465 100644 (file)
--- a/ntpd/ntp_crypto.c
+++ b/ntpd/ntp_crypto.c
@@ -3659,16 +3659,19 @@ crypto_cert(
        if ((ptr = fgets(linkname, MAXFILENAME, str)) == NULL) {
                msyslog(LOG_ERR, "crypto_cert: no data %s\n",
                    filename);
+               (void)fclose(str);
                return (NULL);
        }
        if ((ptr = strrchr(ptr, '.')) == NULL) {
                msyslog(LOG_ERR, "crypto_cert: no filestamp %s\n",
                    filename);
+               (void)fclose(str);
                return (NULL);
        }
        if (sscanf(++ptr, "%u", &fstamp) != 1) {
                msyslog(LOG_ERR, "crypto_cert: invalid filestamp %s\n",
                    filename);
+               (void)fclose(str);
                return (NULL);
        }
 
@@ -3678,6 +3681,7 @@ crypto_cert(
        if (!PEM_read(str, &name, &header, &data, &len)) {
                msyslog(LOG_ERR, "crypto_cert %s\n",
                    ERR_error_string(ERR_get_error(), NULL));
+               (void)fclose(str);
                return (NULL);
        }
        free(header);
@@ -3686,6 +3690,7 @@ crypto_cert(
                    name);
                free(name);
                free(data);
+               (void)fclose(str);
                return (NULL);
        }
        free(name);
@@ -3695,6 +3700,7 @@ crypto_cert(
         */
        ret = cert_parse(data, len, fstamp);
        free(data);
+       (void)fclose(str);
        if (ret == NULL)
                return (NULL);