Re: Avoid handle leak (src/bin/pg_ctl/pg_ctl.c)

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Ranier Vilela <ranier.vf@gmail.com>
Cc: Pg Hackers <pgsql-hackers@postgresql.org>
Date: 2025-10-24T05:57:40Z
Lists: pgsql-hackers
On Thu, Oct 23, 2025 at 09:51:14PM -0300, Ranier Vilela wrote:
> The function *CreateRestrictedProcess* is responsible to create a
> restricted token
> Coverity complains that the handle origToken can be leaked.
> 
> In case of failure of the functions *AllocateAndInitializeSid* or
> *GetPrivilegesToDelete*
> the handle origToken must be released.

pg_ctl exits quickly when a failure of CreateRestrictedProcess()
happens, hence why does it matter to close these handles as an exit()
should do the job as well?
--
Michael