Commit fe55da70 authored by Timo Teräs's avatar Timo Teräs

package: don't leak signing key file fd

openssl BIO does not close the fd unless we explicitly tell it to
do so.
parent d9bf4aab
......@@ -441,7 +441,7 @@ int apk_sign_ctx_process_file(struct apk_sign_ctx *ctx,
if (fd < 0)
return 0;
bio = BIO_new_fp(fdopen(fd, "r"), 0);
bio = BIO_new_fp(fdopen(fd, "r"), BIO_CLOSE);
ctx->signature.pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
if (ctx->signature.pkey != NULL) {
if (fi->name[6] == 'R')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment