coverity complains about fd leaking inside the if statement because there is
a goto which bypasses the statement close (fd).
The fix is to close (fd) immediately after it is no longer used.
Change-Id: Ic5035b07ec1f179ff3db77744843e47aa8067a3c
Signed-off-by: Steven <sluong@cisco.com>
if (args->host_namespace)
{
int fd;
if (args->host_namespace)
{
int fd;
old_netns_fd = open ("/proc/self/ns/net", O_RDONLY);
if ((fd = open_netns_fd ((char *) args->host_namespace)) == -1)
{
old_netns_fd = open ("/proc/self/ns/net", O_RDONLY);
if ((fd = open_netns_fd ((char *) args->host_namespace)) == -1)
{
args->rv = VNET_API_ERROR_NETLINK_ERROR;
goto error;
}
args->rv = VNET_API_ERROR_NETLINK_ERROR;
goto error;
}
- if (setns (fd, CLONE_NEWNET) == -1)
+ rc = setns (fd, CLONE_NEWNET);
+ close (fd);
+ if (rc == -1)
{
args->rv = VNET_API_ERROR_SYSCALL_ERROR_3;
args->error = clib_error_return_unix (0, "setns '%s'",
args->host_namespace);
goto error;
}
{
args->rv = VNET_API_ERROR_SYSCALL_ERROR_3;
args->error = clib_error_return_unix (0, "setns '%s'",
args->host_namespace);
goto error;
}
if ((vif->ifindex = if_nametoindex ((char *) args->host_if_name)) == 0)
{
args->rv = VNET_API_ERROR_SYSCALL_ERROR_3;
if ((vif->ifindex = if_nametoindex ((char *) args->host_if_name)) == 0)
{
args->rv = VNET_API_ERROR_SYSCALL_ERROR_3;