From d88ef6605120fd75be38376ba147623cf427bf73 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Tue, 5 Sep 2017 08:14:23 -0400 Subject: [PATCH] verify_signed_buffer: prefer close_tempfile() to close() We do a manual close() on the descriptor provided to us by mks_tempfile. But this runs contrary to the advice in tempfile.h, which notes that you should always use close_tempfile(). Otherwise the descriptor may be reused without the tempfile object knowing it, and the later call to delete_tempfile() could close a random descriptor. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- gpg-interface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gpg-interface.c b/gpg-interface.c index d936f3a32f..455b6c04b4 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -215,7 +215,7 @@ int verify_signed_buffer(const char *payload, size_t payload_size, delete_tempfile(&temp); return -1; } - close(fd); + close_tempfile(&temp); argv_array_pushl(&gpg.args, gpg_program,