From 7d052232b06e5cd9a4af67992bec68e44feb21fa Mon Sep 17 00:00:00 2001 From: Mikhail Novosyolov Date: Sat, 28 Feb 2026 21:25:39 +0300 Subject: [PATCH] Fix HANDLE_LEAK.EX in aulast.c Close file handle 'f' before returning error in argument parsing to prevent resource leak when --extract option is followed by an invalid argument. Svace report: Handle 'f' is created at aulast.c:506 by calling function 'fopen' and lost at aulast.c:506. (CWE404, CWE775) This leaks happens in the end of main() and could be not fixed, but let's make static analyzers happy... Example scaniors of leaks: aulast --extract -f file -f file2 aulast -f file --extract --stdin aulast --extract --user u1 --user u2 aulast --extract --tty t1 --tty t2 aulast --extract --invalid Co-authored-by: Z.AI GLM-5 --- tools/aulast/aulast.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/tools/aulast/aulast.c b/tools/aulast/aulast.c index a800ca14b..bc7ec0792 100644 --- a/tools/aulast/aulast.c +++ b/tools/aulast/aulast.c @@ -497,7 +497,7 @@ int main(int argc, char *argv[]) file = argv[i]; } else { fprintf(stderr,"stdin already given\n"); - return 1; + goto arg_error; } } else if (strcmp(argv[i], "--bad") == 0) { bad = 1; @@ -510,7 +510,7 @@ int main(int argc, char *argv[]) use_stdin = 1; else { fprintf(stderr, "file already given\n"); - return 1; + goto arg_error; } } else if (strcmp(argv[i], "--user") == 0) { if (user == NULL) { @@ -518,7 +518,7 @@ int main(int argc, char *argv[]) user = argv[i]; } else { usage(); - return 1; + goto arg_error; } } else if (strcmp(argv[i], "--tty") == 0) { if (cterm == NULL) { @@ -526,13 +526,13 @@ int main(int argc, char *argv[]) cterm = argv[i]; } else { usage(); - return 1; + goto arg_error; } } else if (strcmp(argv[i], "--debug") == 0) { debug = 1; } else { usage(); - return 1; + goto arg_error; } } list_create(&l); @@ -612,6 +612,11 @@ int main(int argc, char *argv[]) fclose(f); return 0; +arg_error: + if (f) + fclose(f); + return 1; + error_exit_1: list_clear(&l); if (f)