From 933b92df7d3b02aa3a0b7aed3f03823f22a7c476 Mon Sep 17 00:00:00 2001
From: Thibault Godouet <fcron@free.fr>
Date: Sun, 3 Feb 2013 11:12:29 +0000
Subject: [PATCH] Fixed fcron crash bug when using fcrondyn. This bug was
 introduced in 25e9c80848acb89e6320ed6261a4d1c75b60b1c8, and we were using a
 fd after xclose() was called on it, so its value was no longer valid. Audited
 the code for similar problems and didn't find any other.

---
 fcrondyn.c | 4 ++--
 fcrontab.c | 3 +--
 socket.c   | 4 ++--
 3 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/fcrondyn.c b/fcrondyn.c
index aab4f20..1897045 100644
--- a/fcrondyn.c
+++ b/fcrondyn.c
@@ -692,7 +692,7 @@ interactive_mode(int fd)
         if (line_read && *line_read) {
             add_history(line_read);
         }
-#endif
+#endif /* HAVE_READLINE_HISTORY */
 
         free(line_read);
         if (return_code == QUIT_CMD || return_code == ERR) {
@@ -779,7 +779,7 @@ int
 main(int argc, char **argv)
 {
     int return_code = 0;
-    int fd = (-1);
+    int fd = (-1); /* fd == -1 means connection to fcron is not currently open */
     struct passwd *pass = NULL;
 
     rootuid = get_user_uid_safe(ROOTNAME);
diff --git a/fcrontab.c b/fcrontab.c
index 0f59508..3f6767e 100644
--- a/fcrontab.c
+++ b/fcrontab.c
@@ -248,7 +248,6 @@ copy_src(int from, const char *dest)
         }
 
     xclose_check(&to_fd, dest);
-    to_fd = -1;
 
     if (rename_as_user(tmp_filename_str, dest, useruid, fcrontab_gid) < 0) {
         error_e("Unable to rename %s to %s : old source file kept",
@@ -677,7 +676,7 @@ install_stdin(void)
 void
 reinstall(char *fcron_orig)
 {
-    int i = 0;
+    int i = -1;
 
     explain("reinstalling %s's fcrontab", user);
 
diff --git a/socket.c b/socket.c
index 78dbeaa..9aa41a2 100644
--- a/socket.c
+++ b/socket.c
@@ -869,10 +869,10 @@ remove_connection(struct fcrondyn_cl **client, struct fcrondyn_cl *prev_client)
 /* close the connection, remove it from the list 
 and make client points to the next entry */
 {
+    debug("closing connection : fd : %d", (*client)->fcl_sock_fd);
     shutdown((*client)->fcl_sock_fd, SHUT_RDWR);
-    xclose_check(&((*client)->fcl_sock_fd), "client fd");
     remove_from_select_set((*client)->fcl_sock_fd, &master_set, &set_max_fd);
-    debug("connection closed : fd : %d", (*client)->fcl_sock_fd);
+    xclose_check(&((*client)->fcl_sock_fd), "client fd");
     if (prev_client == NULL) {
         fcrondyn_cl_base = (*client)->fcl_next;
         Free_safe((*client)->fcl_user);
-- 
2.40.0