This is a minimal fix for what would be reported by Coverity as
"Improper use of negative value" (CWE-394): port_fwd_init() doesn't
guarantee that all the pre-opened file handles are actually valid.
We should probably warn on failing open() and open_in_ns() in
port_fwd_init(), too, but that's outside the scope of this minimal
fix.
Before commit 5a0485425bc9 ("port_fwd: Pre-open /proc/net/* files
rather than on-demand"), we used to have a single open() call and
a check after it.
Fixes: 5a0485425bc9 ("port_fwd: Pre-open /proc/net/* files rather than
on-demand")
Signed-off-by: Stefano Brivio <sbrivio(a)redhat.com>
---
port_fwd.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/port_fwd.c b/port_fwd.c
index fc4d5cb..eac8d2f 100644
--- a/port_fwd.c
+++ b/port_fwd.c
@@ -45,6 +45,9 @@ static void procfs_scan_listen(int fd, unsigned int lstate,
unsigned int state;
char *line;
+ if (fd < 0)
+ return;
+
if (lseek(fd, 0, SEEK_SET)) {
warn("lseek() failed on /proc/net file: %s", strerror(errno));
return;
--
2.39.2