[PATCH 1 of 3] Auth basic: fixed file descriptor leak on memory allocation errors
Maxim Dounin
mdounin at mdounin.ru
Wed Nov 19 14:10:38 UTC 2025
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1763512313 -10800
# Wed Nov 19 03:31:53 2025 +0300
# Node ID a7a3126061282c50ed79c86f9ca72ddd72a10310
# Parent 6598df9118f93b8f731114ef56069c270e44488b
Auth basic: fixed file descriptor leak on memory allocation errors.

If ngx_pnalloc() for pwd.data failed when handling an incomplete last line
of a user file, file descriptor for the file wasn't closed before returning
the error. The issue was introduced in 7637:0cb942c1c1aa (1.17.10), as
the particular error path wasn't converted to the "goto cleanup" pattern
introduced in the commit, but file closing was moved to the end of the
function.

The issue is, however, unlikely to happen in practice, as it only happens
when handling an incorrectly formatted user file (newline at end of file),
and only if memory allocation of a small string fails, which is unlikely
even on memory-constrained systems.

The fix is to use the "goto cleanup" pattern, similarly to how other errors
are handled since 7637:0cb942c1c1aa. This also ensures that the buffer is
properly zeroed out if the particular memory allocation fails.

Found by Coverity (CID 1643265).

diff --git a/src/http/modules/ngx_http_auth_basic_module.c b/src/http/modules/ngx_http_auth_basic_module.c
--- a/src/http/modules/ngx_http_auth_basic_module.c
+++ b/src/http/modules/ngx_http_auth_basic_module.c
@@ -253,7 +253,8 @@ ngx_http_auth_basic_handler(ngx_http_req
pwd.len = i - passwd;
pwd.data = ngx_pnalloc(r->pool, pwd.len + 1);
if (pwd.data == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
+ goto cleanup;
}
ngx_cpystrn(pwd.data, &buf[passwd], pwd.len + 1);
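
Review bot: At the `pwd.data == NULL` branch, the new `goto cleanup` depends on the `cleanup` label, which is outside this hunk, to close the file and zero the buffer; it is worth confirming that nothing on that path touches `pwd.data`, which is NULL here, and that `rc` is returned unchanged once set to NGX_HTTP_INTERNAL_SERVER_ERROR. Since this return was missed when the other error paths were converted, a scan of ngx_http_auth_basic_handler() for any remaining direct `return` between opening the user file and `cleanup` would be a cheap addition to this change.
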