From b0d13ba55748c48b9004a168836d6682b9195937 Mon Sep 17 00:00:00 2001
From: Patrick Ohly <patrick.ohly@intel.com>
Date: Wed, 9 Sep 2015 23:02:01 +0300
Subject: [PATCH] calc_evm_hmac/hash: avoid fd leak when ioctl fails

When opening the file succeeds but ioctl() then fails, the file must
be closed before returning.

Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
---
 src/evmctl.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/evmctl.c b/src/evmctl.c
index ef815d4..c68f2c2 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -332,6 +332,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
 			}
 			if (ioctl(fd, FS_IOC_GETVERSION, &generation)) {
 				log_err("ioctl() failed\n");
+				close(fd);
 				return -1;
 			}
 			close(fd);
@@ -885,6 +886,7 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
 		}
 		if (ioctl(fd, FS_IOC_GETVERSION, &generation)) {
 			log_err("ioctl() failed\n");
+			close(fd);
 			goto out;
 		}
 		close(fd);