The cleanup goto block in `semanage_direct_set_enabled()` closes the
file stream pointer fp if not NULL. Set the stream to NULL after a
manual fclose(3), even on failure.
direct_api.c: In function ‘semanage_direct_set_enabled’:
direct_api.c:2130:25: error: pointer ‘fp’ may be used after ‘fclose’ [-Werror=use-after-free]
2130 | if (fp != NULL) fclose(fp);
| ^~~~~~~~~~
direct_api.c:2092:29: note: call to ‘fclose’ here
2092 | if (fclose(fp) != 0) {
| ^~~~~~~~~~
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
libsemanage/src/direct_api.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
index d5716ce5..7206483a 100644
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage/src/direct_api.c
@@ -2089,7 +2089,9 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
goto cleanup;
}
- if (fclose(fp) != 0) {
+ ret = fclose(fp);
+ fp = NULL;
+ if (ret != 0) {
ERR(sh,
"Unable to close disabled file for module %s",
modkey->name);
@@ -2097,8 +2099,6 @@ static int semanage_direct_set_enabled(semanage_handle_t *sh,
goto cleanup;
}
- fp = NULL;
-
break;
case 1: /* enable the module */
if (unlink(fn) < 0) {
--
2.35.1
