Subject: | dangling pointer, file descriptor leak in krb5_rc_io_creat |
From #6002, in regards to the patch applied there:
It looks to me like, if strdup fails, the file is left open (which is probably okay
if the caller then uses krb5_rc_close to dispose
of the handle, but may cause a file and file descriptor leak if the caller tries
krb5_rc_io_creat again), and d->fn is a dangling
pointer (which could be freed again by krb5_rc_io_close).
It looks to me like, if strdup fails, the file is left open (which is probably okay
if the caller then uses krb5_rc_close to dispose
of the handle, but may cause a file and file descriptor leak if the caller tries
krb5_rc_io_creat again), and d->fn is a dangling
pointer (which could be freed again by krb5_rc_io_close).