NetBSD-Bugs archive
lib/39434: libkrb5:seed_something() file descriptor leak
>Number: 39434
>Category: lib
>Synopsis: seed_something() in libkrb5 has a file descriptor leak
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: lib-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Aug 30 12:10:00 +0000 2008
>Originator: Christoph Badura
>Release: NetBSD 3.1_STABLE
>Organization:
>Environment:
System: NetBSD nervous-energy 3.1_STABLE NetBSD 3.1_STABLE (nervous-energy) #4:
Fri Jul 25 06:31:02 MEST 2008
root@nervous-energy:/m/obj/m/src/sys/arch/i386/compile/nervous-energy i386
Architecture: i386
Machine: i386
>Description:
crypto/dist/heimdal/lib/krb5/crypto.c:seed_something() has an obvious file
descriptor leak.
This causes, e.g. racoon using XAUTH authentication and pam_krb5 to fail
after a number of authentications.
>How-To-Repeat:
>Fix:
Apply the following patch which brings the code in question up-to-date with
revision 1.14.
Index: crypto.c
===================================================================
RCS file: /cvsroot/src/crypto/dist/heimdal/lib/krb5/crypto.c,v
retrieving revision 1.13
diff -u -r1.13 crypto.c
--- crypto.c 2 Apr 2004 14:59:48 -0000 1.13
+++ crypto.c 30 Aug 2008 12:01:23 -0000
@@ -3241,9 +3241,11 @@
if (RAND_file_name(seedfile, sizeof(seedfile))) {
fd = open(seedfile, O_RDONLY);
if (fd >= 0) {
- read(fd, buf, sizeof(buf));
- /* Use the full buffer anyway */
- RAND_add(buf, sizeof(buf), 0.0);
+ ssize_t ret;
+ ret = read(fd, buf, sizeof(buf));
+ if (ret > 0)
+ RAND_add(buf, sizeof(buf), 0.0);
+ close(fd);
} else
seedfile[0] = '\0';
} else
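Review bot: in the new `if (ret > 0)` branch, `RAND_add(buf, sizeof(buf), 0.0)` still passes the full buffer length even when `read()` returned fewer than `sizeof(buf)` bytes, and the comment that documented this choice ("Use the full buffer anyway") is dropped. Either pass `ret` as the length or keep the comment so the short-read behaviour is clearly intentional. Separately, when `read()` returns 0 or -1 nothing is added from the seed file but `seedfile[0]` stays set, while the `open()` failure path clears it; it is worth deciding whether a failed or empty read should clear it as well. The `close(fd)` is placed after the `if (ret > 0)` statement, so it runs for every successful `open()` regardless of the read result, which is what the leak fix needs.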
>Unformatted: