From aed7faeab4b1c701768bb3c56b3f3bbfd2801938 Mon Sep 17 00:00:00 2001
From: Martin Schwenke <martin@meltin.net>
Date: Wed, 8 Nov 2017 09:22:29 +1100
Subject: [PATCH] ctdb-tests: Fix some harmless CIDs

CID 1420632: Resource leaks (RESOURCE LEAK)
CID 1420631: Security best practices violations (TOCTOU)
CID 1417432: Resource leaks (RESOURCE LEAK)
CID 1417429: Security best practices violations (TOCTOU)
CID 1417427: Resource leaks (RESOURCE LEAK)

These are all in test code and constrained to the test environment, so
can't result in privilege escape.  No backport necessary.  However, we
might as well get them off the list.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Wed Nov  8 11:28:40 CET 2017 on sn-devel-144
---
 ctdb/tests/src/sock_daemon_test.c | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/ctdb/tests/src/sock_daemon_test.c b/ctdb/tests/src/sock_daemon_test.c
index bba0df26a0a..95045d175ff 100644
--- a/ctdb/tests/src/sock_daemon_test.c
+++ b/ctdb/tests/src/sock_daemon_test.c
@@ -216,16 +216,16 @@ static void test2(TALLOC_CTX *mem_ctx, const char *pidfile,
 	assert(n == sizeof(ret));
 	assert(ret == 1);
 
-	ret = stat(pidfile, &st);
-	assert(ret == 0);
-	assert(S_ISREG(st.st_mode));
-
 	pidfile_fd = open(pidfile, O_RDONLY, 0644);
 	assert(pidfile_fd != -1);
+	ret = fstat(pidfile_fd, &st);
+	assert(ret == 0);
+	assert(S_ISREG(st.st_mode));
 	n = read(pidfile_fd, pidstr, sizeof(pidstr)-1);
 	assert(n != -1);
 	pid2 = (pid_t)atoi(pidstr);
 	assert(pid == pid2);
+	close(pidfile_fd);
 
 	ret = kill(pid, SIGHUP);
 	assert(ret == 0);
@@ -1315,6 +1315,7 @@ static void test9(TALLOC_CTX *mem_ctx, const char *pidfile,
 	assert(n != -1);
 	pid2 = (pid_t)atoi(pidstr);
 	assert(pid != pid2);
+	close(pidfile_fd);
 
 	ret = kill(pid2, SIGTERM);
 	assert(ret == 0);
@@ -1431,16 +1432,13 @@ static void test10(TALLOC_CTX *mem_ctx, const char *pidfile,
 	assert(n == sizeof(ret));
 	assert(ret == 1);
 
-	ret = stat(pidfile, &st);
-	assert(ret == 0);
-	assert(S_ISREG(st.st_mode));
-
 	pidfile_fd = open(pidfile, O_RDONLY, 0644);
 	assert(pidfile_fd != -1);
 	n = read(pidfile_fd, pidstr, sizeof(pidstr)-1);
 	assert(n != -1);
 	pid2 = (pid_t)atoi(pidstr);
 	assert(pid == pid2);
+	close(pidfile_fd);
 
 	ret = kill(pid, SIGTERM);
 	assert(ret == 0);
-- 
2.11.4.GIT