From 003dbad250ea471352f8b6130155c85c4c436b9d Mon Sep 17 00:00:00 2001
From: Paul Bakker <p.j.bakker@polarssl.org>
Date: Mon, 9 Sep 2013 17:26:14 +0200
Subject: [PATCH] Fixed file descriptor leak in x509parse_crtpath()

---
 ChangeLog           | 1 +
 library/x509parse.c | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 4a75d6e83..72d55eee5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -46,6 +46,7 @@ Bugfix
    * Fixed parse error in ssl_parse_certificate_request()
    * zlib compression/decompression skipped on empty blocks
    * Support for AIX header locations in net.c module
+   * Fixed file descriptor leaks
 
 Security
    * RSA blinding on CRT operations to counter timing attacks
diff --git a/library/x509parse.c b/library/x509parse.c
index 2ab52fba4..55cc9e378 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -2053,7 +2053,10 @@ cleanup:
         i = stat( entry_name, &sb );
 
         if( i == -1 )
+        {
+            closedir( dir );
             return( POLARSSL_ERR_X509_FILE_IO_ERROR );
+        }
 
         if( !S_ISREG( sb.st_mode ) )
             continue;