diff options
author | Timo Teräs <timo.teras@iki.fi> | 2010-05-26 14:30:08 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2010-05-26 14:30:08 +0300 |
commit | fe55da70741621f7bac2cd943b64cc13e25f9427 (patch) | |
tree | ddf65b4709144e3b0e69c81dea33ed5a065e137c /src | |
parent | d9bf4aabff801164b4c54e51b38c5f6eab2da114 (diff) | |
download | apk-tools-fe55da70741621f7bac2cd943b64cc13e25f9427.tar.gz apk-tools-fe55da70741621f7bac2cd943b64cc13e25f9427.tar.bz2 apk-tools-fe55da70741621f7bac2cd943b64cc13e25f9427.tar.xz apk-tools-fe55da70741621f7bac2cd943b64cc13e25f9427.zip |
package: don't leak signing key file fd
openssl BIO does not close the fd unless we explicitly tell it to
do so.
Diffstat (limited to 'src')
-rw-r--r-- | src/package.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/package.c b/src/package.c index b265468..b97c412 100644 --- a/src/package.c +++ b/src/package.c @@ -441,7 +441,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx, if (fd < 0) return 0; - bio = BIO_new_fp(fdopen(fd, "r"), 0); + bio = BIO_new_fp(fdopen(fd, "r"), BIO_CLOSE); ctx->signature.pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); if (ctx->signature.pkey != NULL) { if (fi->name[6] == 'R') |