From 3c09e9dceec016c4f31452506d5ddb012f8a82d7 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov <atikhono@redhat.com>
Date: Nov 07 2019 12:18:42 +0000
Subject: sss_ssh_knownhostsproxy: fixed Coverity issue


Actually I think this Coverity error was "false positive":
```
Error: RESOURCE_LEAK (CWE-772):
sssd-2.2.3/src/sss_client/ssh/sss_ssh_knownhostsproxy.c:67: open_fn: Returning handle opened by "socket".
sssd-2.2.3/src/sss_client/ssh/sss_ssh_knownhostsproxy.c:67: var_assign: Assigning: "sock" = handle returned from "socket(family, SOCK_STREAM, IPPROTO_TCP)".
sssd-2.2.3/src/sss_client/ssh/sss_ssh_knownhostsproxy.c:76: noescape: Resource "sock" is not freed or pointed-to in "connect".
sssd-2.2.3/src/sss_client/ssh/sss_ssh_knownhostsproxy.c:88: leaked_handle: Handle variable "sock" going out of scope leaks the handle.
   86|   done:
   87|       if (ret != 0 && sock >= 0) close(sock);
   88|->     return ret;
   89|   }
   90|
```

Nonetheless it is easier to adjust the code to avoid a complaint.

Reviewed-by: Michal Židek <mzidek@redhat.com>

---

diff --git a/src/sss_client/ssh/sss_ssh_knownhostsproxy.c b/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
index 102f562..051f51c 100644
--- a/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
+++ b/src/sss_client/ssh/sss_ssh_knownhostsproxy.c
@@ -63,10 +63,14 @@ connect_socket(int family, struct sockaddr *addr, size_t addr_len, int *sd)
         goto done;
     }
 
-    *sd = sock;
-
 done:
-    if (ret != 0 && sock >= 0) close(sock);
+    if (ret != 0) {
+        if (sock >= 0) {
+            close(sock);
+        }
+    } else {
+        *sd = sock;
+    }
     return ret;
 }