From 5eee974e034be5bd0614dd907a603b71869646ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=9A=D0=BE=D1=80=D0=B5=D0=BD=D0=B1=D0=B5=D1=80=D0=B3=20?=
 =?UTF-8?q?=D0=9C=D0=B0=D1=80=D0=BA=20=28=D0=B4=D0=BE=D0=BC=D0=B0=29?=
 <socketpair@gmail.com>
Date: Thu, 30 Aug 2012 04:33:40 +0600
Subject: Prevent potential socket file descriptor leak

This may happen when passing connected socket to nl_cache_mngr_alloc().

Now, nl_connect() will return error trying to connect already connected socket.

Also, dont call close(-1) if socket() fails.
---
 lib/nl.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/lib/nl.c b/lib/nl.c
index 6b2f027..d3e67aa 100644
--- a/lib/nl.c
+++ b/lib/nl.c
@@ -69,6 +69,8 @@
  * Creates a netlink socket using the specified protocol, binds the socket
  * and issues a connection attempt.
  *
+ * This function fail if socket is already connected.
+ *
  * @note SOCK_CLOEXEC is set on the socket if available.
  *
  * @return 0 on success or a negative error code.
@@ -82,6 +84,9 @@ int nl_connect(struct nl_sock *sk, int protocol)
 	flags |= SOCK_CLOEXEC;
 #endif
 
+        if (sk->s_fd != -1)
+                return -NLE_BAD_SOCK;
+
 	sk->s_fd = socket(AF_NETLINK, SOCK_RAW | flags, protocol);
 	if (sk->s_fd < 0) {
 		err = -nl_syserr2nlerr(errno);
@@ -123,8 +128,10 @@ int nl_connect(struct nl_sock *sk, int protocol)
 
 	return 0;
 errout:
-	close(sk->s_fd);
-	sk->s_fd = -1;
+        if (sk->s_fd != -1) {
+    		close(sk->s_fd);
+    		sk->s_fd = -1;
+        }
 
 	return err;
 }
-- 
cgit v1.2.1