lib: avoid double close on error

log.c:90:24: warning: double 'close' of file descriptor 'fd' [CWE-1341] [-Wanalyzer-fd-double-close] failure.c:94:24: warning: double 'close' of file descriptor 'fd' [CWE-1341] [-Wanalyzer-fd-double-close] failure.c:193:32: warning: double 'close' of file descriptor 'fd' [CWE-1341] [-Wanalyzer-fd-double-close] utmp.c:103:24: warning: double 'close' of file descriptor 'fd' [CWE-1341] [-Wanalyzer-fd-double-close]
2023-12-11 17:45:26 +01:00
parent cdb2490ab6
commit ce3a4ac7a3
3 changed files with 75 additions and 25 deletions
--- a/lib/failure.c
+++ b/lib/failure.c
@@ -90,13 +90,26 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
 	 */

 	if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
-	    || (write_full(fd, fl, sizeof *fl) == -1)
-	    || (close (fd) != 0)) {
-		SYSLOG ((LOG_WARN,
-		         "Can't write faillog entry for UID %lu in %s: %m",
-		         (unsigned long) uid, FAILLOG_FILE));
-		(void) close (fd);
+	    || (write_full(fd, fl, sizeof *fl) == -1)) {
+		goto err_write;
 	}
+
+	if (close (fd) != 0 && errno != EINTR) {
+		goto err_close;
+	}
+
+	return;
+
+err_write:
+	{
+		int saved_errno = errno;
+		(void) close (fd);
+		errno = saved_errno;
+	}
+err_close:
+	SYSLOG ((LOG_WARN,
+	         "Can't write faillog entry for UID %lu to %s: %m",
+	         (unsigned long) uid, FAILLOG_FILE));
 }

 static bool too_many_failures (const struct faillog *fl)
@@ -189,18 +202,30 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
 		fail.fail_cnt = 0;

 		if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
-		    || (write_full(fd, &fail, sizeof fail) == -1)
-		    || (close (fd) != 0)) {
-			SYSLOG ((LOG_WARN,
-			         "Can't reset faillog entry for UID %lu in %s: %m",
-			         (unsigned long) uid, FAILLOG_FILE));
-			(void) close (fd);
+		    || (write_full(fd, &fail, sizeof fail) == -1)) {
+			    goto err_write;
+		}
+
+		if (close (fd) != 0 && errno != EINTR) {
+			goto err_close;
 		}
 	} else {
 		(void) close (fd);
 	}

 	return 1;
+
+err_write:
+	{
+		int saved_errno = errno;
+		(void) close (fd);
+		errno = saved_errno;
+	}
+err_close:
+	SYSLOG ((LOG_WARN,
+	         "Can't reset faillog entry for UID %lu in %s: %m",
+	         (unsigned long) uid, FAILLOG_FILE));
+	return 1;
 }

 /*
--- a/lib/log.c
+++ b/lib/log.c
@@ -86,12 +86,24 @@ void dolastlog (
 	STRNCPY(newlog.ll_host, host);
 #endif
 	if (   (lseek (fd, offset, SEEK_SET) != offset)
-	    || (write_full(fd, &newlog, sizeof newlog) == -1)
-	    || (close (fd) != 0)) {
-		SYSLOG ((LOG_WARN,
-		         "Can't write lastlog entry for UID %lu in %s.",
-		         (unsigned long) pw->pw_uid, LASTLOG_FILE));
-		(void) close (fd);
+	    || (write_full(fd, &newlog, sizeof newlog) == -1)) {
+		goto err_write;
 	}
-}

+	if (close (fd) != 0 && errno != EINTR) {
+		goto err_close;
+	}
+
+	return;
+
+err_write:
+	{
+		int saved_errno = errno;
+		(void) close (fd);
+		errno = saved_errno;
+	}
+err_close:
+	SYSLOG ((LOG_WARN,
+	         "Can't write lastlog entry for UID %lu in %s: %m",
+	         (unsigned long) pw->pw_uid, LASTLOG_FILE));
+}
--- a/lib/utmp.c
+++ b/lib/utmp.c
@@ -99,13 +99,26 @@ static void failtmp (const char *username, const struct utmp *failent)
 	 * Append the new failure record and close the log file.
 	 */

-	if (   (write_full(fd, failent, sizeof *failent) == -1)
-	    || (close (fd) != 0)) {
-		SYSLOG ((LOG_WARN,
-		         "Can't append failure of user %s to %s: %m",
-		         username, ftmp));
-		(void) close (fd);
+	if (write_full(fd, failent, sizeof *failent) == -1) {
+		goto err_write;
 	}
+
+	if (close (fd) != 0 && errno != EINTR) {
+		goto err_close;
+	}
+
+	return;
+
+err_write:
+	{
+		int saved_errno = errno;
+		(void) close (fd);
+		errno = saved_errno;
+	}
+err_close:
+	SYSLOG ((LOG_WARN,
+	         "Can't append failure of user %s to %s: %m",
+	         username, ftmp));
 }

 /*