From 9abb7e4a8758e6894872d81aef285aa2b521318a Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=A9mie=20Galarneau?= Date: Fri, 31 Aug 2018 13:33:51 -0400 Subject: [PATCH] Fix: runas check fd value before calling close() MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit A bug could cause an 'open' command to return no FD in which case the initial value of '-1' would be used in the call to close(). Reported-by: Coverity Scan (1395329 Improper use of negative value) Signed-off-by: Jérémie Galarneau --- src/common/runas.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/common/runas.c b/src/common/runas.c index debc95926..f3adf7355 100644 --- a/src/common/runas.c +++ b/src/common/runas.c @@ -466,6 +466,9 @@ int cleanup_received_fd(enum run_as_cmd cmd, int fd) return 0; } + if (fd < 0) { + return 0; + } ret = close(fd); if (ret < 0) { PERROR("close error"); -- 2.34.1