From ac438e19b68f18f7f5e485c6cdc215283b99921b Mon Sep 17 00:00:00 2001
From: Tom Yu <tlyu@mit.edu>
Date: Fri, 14 Dec 2007 04:38:42 +0000
Subject: [PATCH] fix CVE-2007-5972: double fclose() in krb5_def_store_mkey()

ticket: 5857
target_version: 1.6.4
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20179 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/kdb/kdb_default.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/lib/kdb/kdb_default.c b/src/lib/kdb/kdb_default.c
index 0e5880490..fd95c8379 100644
--- a/src/lib/kdb/kdb_default.c
+++ b/src/lib/kdb/kdb_default.c
@@ -186,8 +186,7 @@ krb5_def_store_mkey(context, keyfile, mname, key, master_pwd)
 		kf) != key->length)) {
 	retval = errno;
 	(void) fclose(kf);
-    }
-    if (fclose(kf) == EOF)
+    } else if (fclose(kf) == EOF)
 	retval = errno;
 #if HAVE_UMASK
     (void) umask(oumask);
-- 
2.26.2