load_file_data: do not close fd on error to avoid double-close

load_file_data() closes the passed file descriptor in case of an read(2)
failure.  The file descriptor is however owned by the caller and should
not be closed to avoid a double-close.
Since in this error branch NULL is always returned the only affected
caller is load_file_data(), as all other callers immediately abort via
die_with_error().  As bubblewrap is single-threaded the second close(2)
in load_file_data() will be well-defined and fail with EBADF, leading to
no unrelated file descriptor to be closed

Found by GCC analyzer:

    ./utils.c: In function ‘load_file_at’:
    ./utils.c:630:3: warning: double ‘close’ of file descriptor ‘fd’ [CWE-1341] [-Wanalyzer-fd-double-close]
    630 |   close (fd);
        |   ^~~~~~~~~~
    ...
            |  596 |           close (fd);
            |      |           ~~~~~~~~~~
            |      |           |
            |      |           (15) first ‘close’ here
    ...
        |  630 |   close (fd);
        |      |   ~~~~~~~~~~
        |      |   |
        |      |   (20) second ‘close’ here; first ‘close’ was at (15)

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>

1 files changed, 1 insertions, 7 deletions

diff --git a/utils.c b/utils.c
index 693273b..b2e885f 100644
--- a/utils.c
+++ b/utils.c
@@ -568,7 +568,6 @@ load_file_data (int     fd,
   ssize_t data_read;
   ssize_t data_len;
   ssize_t res;
-  int errsv;
 
   data_read = 0;
   data_len = 4080;
@@ -587,12 +586,7 @@ load_file_data (int     fd,
       while (res < 0 && errno == EINTR);
 
       if (res < 0)
-        {
-          errsv = errno;
-          close (fd);
-          errno = errsv;
-          return NULL;
-        }
+        return NULL;
 
       data_read += res;
     }