Fixed potential file descriptor leaks
diff --git a/ChangeLog b/ChangeLog
index 794bcf6..a420e6c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@
Bugfix
* Fixed potential memory leak when failing to resume a session
+ * Fixed potential file descriptor leaks (found by Remi Gacogne)
* Minor fixes
Security
diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 8cf0371..2ff0b33 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -356,7 +356,10 @@
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 )
+ {
+ fclose( f );
return( ret );
+ }
if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT )
{
@@ -382,7 +385,10 @@
fseek( f, 0, SEEK_SET );
if( n > CTR_DRBG_MAX_INPUT )
+ {
+ fclose( f );
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
+ }
if( fread( buf, 1, n, f ) != n )
{
diff --git a/library/x509parse.c b/library/x509parse.c
index efde3f5..4b4be66 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -1967,7 +1967,10 @@
i = stat( entry_name, &sb );
if( i == -1 )
+ {
+ closedir( dir );
return( POLARSSL_ERR_X509_FILE_IO_ERROR );
+ }
if( !S_ISREG( sb.st_mode ) )
continue;