From: dtucker@openbsd.org <dtucker@openbsd.org>
Date: Thu, 2 Mar 2023 06:41:56 +0000 (+0000)
Subject: upstream: Always call fclose on checkpoints.
X-Git-Tag: V_9_3_P1~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=03a03c6002525f5ad9c8fc874a5d5826a35d9858;p=thirdparty%2Fopenssh-portable.git

upstream: Always call fclose on checkpoints.

In the case of an fprintf failure we would not call fclose which would
leak the FILE pointer.  While we're there, try to clean up the temp file
on failure.  Spotted by Coverity, ok djm@

OpenBSD-Commit-ID: 73c7ccc5d4fcc235f54c6b20767a2815408525ef
---

diff --git a/moduli.c b/moduli.c
index 9f660ef26..481ca2aa8 100644
--- a/moduli.c
+++ b/moduli.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.38 2022/05/01 23:20:30 djm Exp $ */
+/* $OpenBSD: moduli.c,v 1.39 2023/03/02 06:41:56 dtucker Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -452,7 +452,7 @@ write_checkpoint(char *cpfile, u_int32_t lineno)
 {
 	FILE *fp;
 	char tmp[PATH_MAX];
-	int r;
+	int r, writeok, closeok;
 
 	r = snprintf(tmp, sizeof(tmp), "%s.XXXXXXXXXX", cpfile);
 	if (r < 0 || r >= PATH_MAX) {
@@ -469,13 +469,16 @@ write_checkpoint(char *cpfile, u_int32_t lineno)
 		close(r);
 		return;
 	}
-	if (fprintf(fp, "%lu\n", (unsigned long)lineno) > 0 && fclose(fp) == 0
-	    && rename(tmp, cpfile) == 0)
+	writeok = (fprintf(fp, "%lu\n", (unsigned long)lineno) > 0);
+	closeok = (fclose(fp) == 0);
+	if (writeok && closeok && rename(tmp, cpfile) == 0) {
 		debug3("wrote checkpoint line %lu to '%s'",
 		    (unsigned long)lineno, cpfile);
-	else
+	} else {
 		logit("failed to write to checkpoint file '%s': %s", cpfile,
 		    strerror(errno));
+		(void)unlink(tmp);
+	}
 }
 
 static unsigned long