From 36ad65a7d1709deeb4bc1ae3e994a30c3e7bf789 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Mon, 14 Mar 2016 13:02:50 -0400
Subject: [PATCH] When using open() to make sure we created a dir, close the fd
 afterwards

Found by coverity. Not in any released Tor. Fixes CID 1355640.

Also, don't check for fd correctness with assert(fd).  You need to
assert (fd >= 0).
---
 src/common/util.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/common/util.c b/src/common/util.c
index b4355115d1..e8be91f459 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -2114,7 +2114,10 @@ check_private_dir(const char *dirname, cpd_check_t check,
        * permissions on the directory will be checked again below.*/
       fd = open(sandbox_intern_string(dirname), O_NOFOLLOW);
 
-      if ( fd == -1 ) return -1;
+      if (fd == -1)
+        return -1;
+      else
+        close(fd);
 
     } else if (!(check & CPD_CHECK)) {
       log_warn(LD_FS, "Directory %s does not exist.", dirname);
@@ -2126,7 +2129,7 @@ check_private_dir(const char *dirname, cpd_check_t check,
     return 0;
   }
 
-  tor_assert(fd);
+  tor_assert(fd >= 0);
 
   //f = tor_strdup(dirname);
   //clean_name_for_stat(f);