From 4ddf32c92b76f32559096910afcf7528591302aa Mon Sep 17 00:00:00 2001
From: Lasse Collin <lasse.collin@tukaani.org>
Date: Sat, 4 Jan 2025 20:04:56 +0200
Subject: [PATCH] xzdec: Don't leave Landlock file descriptor open for no
 reason

This fix is similar to 48ff3f06521ca326996ab9a04d1b342098960427.

Fixes: d74fb5f060b76db709b50f5fd37490394e52f975
(cherry picked from commit 2655c81b5e92278b0fd51f6537c1116f8349b02a)
---
 src/xzdec/xzdec.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/xzdec/xzdec.c b/src/xzdec/xzdec.c
index 88866da7..d281e071 100644
--- a/src/xzdec/xzdec.c
+++ b/src/xzdec/xzdec.c
@@ -362,6 +362,8 @@ sandbox_enter(int src_fd)
 		// before activating the sandbox.
 		if (syscall(SYS_landlock_restrict_self, ruleset_fd, 0U) != 0)
 			goto error;
+
+		(void)close(ruleset_fd);
 	}
 
 	(void)src_fd;