From: Phil Sutter <phil@nwl.cc>
Date: Thu, 6 Aug 2015 12:24:35 +0000 (+0200)
Subject: lib/namespace: don't leak fd in error case
X-Git-Tag: v4.2.0~20
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5950ba9;p=thirdparty%2Fiproute2.git

lib/namespace: don't leak fd in error case

Signed-off-by: Phil Sutter <phil@nwl.cc>
---

diff --git a/lib/namespace.c b/lib/namespace.c
index a61feb6ae..819716525 100644
--- a/lib/namespace.c
+++ b/lib/namespace.c
@@ -58,32 +58,35 @@ int netns_switch(char *name)
 	if (setns(netns, CLONE_NEWNET) < 0) {
 		fprintf(stderr, "setting the network namespace \"%s\" failed: %s\n",
 			name, strerror(errno));
-		return -1;
+		goto fail_close;
 	}
 
 	if (unshare(CLONE_NEWNS) < 0) {
 		fprintf(stderr, "unshare failed: %s\n", strerror(errno));
-		return -1;
+		goto fail_close;
 	}
 	/* Don't let any mounts propagate back to the parent */
 	if (mount("", "/", "none", MS_SLAVE | MS_REC, NULL)) {
 		fprintf(stderr, "\"mount --make-rslave /\" failed: %s\n",
 			strerror(errno));
-		return -1;
+		goto fail_close;
 	}
 	/* Mount a version of /sys that describes the network namespace */
 	if (umount2("/sys", MNT_DETACH) < 0) {
 		fprintf(stderr, "umount of /sys failed: %s\n", strerror(errno));
-		return -1;
+		goto fail_close;
 	}
 	if (mount(name, "/sys", "sysfs", 0, NULL) < 0) {
 		fprintf(stderr, "mount of /sys failed: %s\n",strerror(errno));
-		return -1;
+		goto fail_close;
 	}
 
 	/* Setup bind mounts for config files in /etc */
 	bind_etc(name);
 	return 0;
+fail_close:
+	close(netns);
+	return -1;
 }
 
 int netns_get_fd(const char *name)