commit 3513868f2946ade874c95fb06e237630b72d8ba2
author Paul Bakker <p.j.bakker@polarssl.org> Wed Sep 11 13:28:00 2013 +0200
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Sep 11 13:28:00 2013 +0200
tree 32f2f5c8dd284f1b0250c7d4d2f6f6ef7355b40a
parent 3081ba12bb20c72d5f854f66af6ce7c68b36ddd6

Fixed potential file descriptor leaks

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 4ae26db..4eff0b3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,7 @@
 = Branch 1.1
 Bugfix
    * Fixed potential memory leak when failing to resume a session
+   * Fixed potential file descriptor leaks
 
 Security
    * Potential buffer-overflow for ssl_read_record() (independently found by

library/ctr_drbg.c

diff --git a/library/ctr_drbg.c b/library/ctr_drbg.c
index 882d686..1e0ae19 100644
--- a/library/ctr_drbg.c
+++ b/library/ctr_drbg.c
@@ -360,7 +360,10 @@
         return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
 
     if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 )
+    {
+        fclose( f );
         return( ret );
+    }
 
     if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT )
     {
@@ -386,7 +389,10 @@
     fseek( f, 0, SEEK_SET );
 
     if( n > CTR_DRBG_MAX_INPUT )
+    {
+        fclose( f );
         return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
+    }
 
     if( fread( buf, 1, n, f ) != n )
     {