[FixRM #8312] - Fix file handle leaks

Fix file handle leaks for [SeeRM #8312]

modules/auxiliary/analyze/jtr_aix.rb

@@ -31,18 +31,24 @@ class Metasploit3 < Msf::Auxiliary
 	end
 
 	def run
-		wordlist = Rex::Quickfile.new("jtrtmp")
+		begin
+			wordlist = Rex::Quickfile.new("jtrtmp")
 
-		wordlist.write( build_seed().join("\n") + "\n" )
-		wordlist.close
+			wordlist.write( build_seed().join("\n") + "\n" )
+		ensure
+			wordlist.close
+		end
 
 		hashlist = Rex::Quickfile.new("jtrtmp")
 
 		myloots = myworkspace.loots.find(:all, :conditions => ['ltype=?', 'aix.hashes'])
 		unless myloots.nil? or myloots.empty?
 			myloots.each do |myloot|
+				usf = ''
 				begin
-					usf = File.open(myloot.path, "rb")
+					File.open(myloot.path, "rb") do |f|
+						usf = f.read
+					end
 				rescue Exception => e
 					print_error("Unable to read #{myloot.path} \n #{e}")
 					next

modules/auxiliary/analyze/jtr_linux.rb

@@ -49,8 +49,11 @@ class Metasploit3 < Msf::Auxiliary
 		myloots = myworkspace.loots.where('ltype=?', 'linux.hashes')
 		unless myloots.nil? or myloots.empty?
 			myloots.each do |myloot|
+				usf = ''
 				begin
-					usf = File.open(myloot.path, "rb")
+					File.open(myloot.path, "rb") do |f|
+						usf = f.read
+					end
 				rescue Exception => e
 					print_error("Unable to read #{myloot.path} \n #{e}")
 				end

modules/auxiliary/client/smtp/emailer.rb

@@ -46,42 +46,82 @@ class Metasploit3 < Msf::Auxiliary
 		deregister_options('SUBJECT')
 	end
 
+	def load_yaml_conf
+		opts = {}
+
+		File.open(datastore['YAML_CONFIG'], "rb") do |f|
+			yamlconf = YAML::load(fileconf)
+
+			opts['to']                   = yamlconf['to']
+			opts['from']                 = yamlconf['from']
+			opts['subject']              = yamlconf['subject']
+			opts['type']                 = yamlconf['type']
+			opts['msg_file']             = yamlconf['msg_file']
+			opts['wait']                 = yamlconf['wait']
+			opts['add_name']             = yamlconf['add_name']
+			opts['sig']                  = yamlconf['sig']
+			opts['sig_file']             = yamlconf['sig_file']
+			opts['attachment']           = yamlconf['attachment']
+			opts['attachment_file']      = yamlconf['attachment_file']
+			opts['attachment_file_type'] = yamlconf['attachment_file_type']
+			opts['attachment_file_name'] = yamlconf['attachment_file_name']
+
+			### payload options ###
+			opts['make_payload']         = yamlconf['make_payload']
+			opts['zip_payload']          = yamlconf['zip_payload']
+			opts['msf_port']             = yamlconf['msf_port']
+			opts['msf_ip']               = yamlconf['msf_ip']
+			opts['msf_payload']          = yamlconf['msf_payload']
+			opts['msf_filename']         = yamlconf['msf_filename']
+			opts['msf_change_ext']       = yamlconf['msf_change_ext']
+			opts['msf_payload_ext']      = yamlconf['msf_payload_ext']
+		end
+
+		opts
+	end
+
+	def load_file(fname)
+		buf = ''
+		File.open(fname, 'rb') do |f|
+			buf = f.read
+		end
+
+		buf
+	end
+
 	def run
 
-		fileconf = File.open(datastore['YAML_CONFIG'], "rb")
-		yamlconf = YAML::load(fileconf)
+		yamlconf = load_yaml_conf
 
-		fileto = yamlconf['to']
-		from = yamlconf['from']
-		subject = yamlconf['subject']
-		type = yamlconf['type']
-		msg_file = yamlconf['msg_file']
-		wait = yamlconf['wait']
-		add_name = yamlconf['add_name']
-		sig = yamlconf['sig']
-		sig_file = yamlconf['sig_file']
-		attachment = yamlconf['attachment']
-		attachment_file = yamlconf['attachment_file']
+		fileto               = yamlconf['to']
+		from                 = yamlconf['from']
+		subject              = yamlconf['subject']
+		type                 = yamlconf['type']
+		msg_file             = yamlconf['msg_file']
+		wait                 = yamlconf['wait']
+		add_name             = yamlconf['add_name']
+		sig                  = yamlconf['sig']
+		sig_file             = yamlconf['sig_file']
+		attachment           = yamlconf['attachment']
+		attachment_file      = yamlconf['attachment_file']
 		attachment_file_type = yamlconf['attachment_file_type']
 		attachment_file_name = yamlconf['attachment_file_name']
 
-		### payload options ###
-		make_payload    = yamlconf['make_payload']
-		zip_payload     = yamlconf['zip_payload']
-		msf_port        = yamlconf['msf_port']
-		msf_ip          = yamlconf['msf_ip']
-		msf_payload     = yamlconf['msf_payload']
-		msf_filename    = yamlconf['msf_filename']
-		msf_change_ext  = yamlconf['msf_change_ext']
-		msf_payload_ext = yamlconf['msf_payload_ext']
-
+		make_payload         = yamlconf['make_payload']
+		zip_payload          = yamlconf['zip_payload']
+		msf_port             = yamlconf['msf_port']
+		msf_ip               = yamlconf['msf_ip']
+		msf_payload          = yamlconf['msf_payload']
+		msf_filename         = yamlconf['msf_filename']
+		msf_change_ext       = yamlconf['msf_change_ext']
+		msf_payload_ext      = yamlconf['msf_payload_ext']
 
 		tmp = Dir.tmpdir
 
 		datastore['MAILFROM'] = from
 
-		msg = File.open(msg_file, 'rb').read
-		email_sig = File.open(sig_file, 'rb').read
+		msg       = load_file(msg_file)
+		email_sig = load_file(sig_file)
 
 		if (type !~ /text/i and type !~ /text\/html/i)
 			print_error("YAML config: #{type}")
@@ -154,7 +194,7 @@ class Metasploit3 < Msf::Auxiliary
 			end
 
 			if sig
-				data_sig = File.open(sig_file, 'rb').read
+				data_sig = load_file(sig_file)
 				email_msg_body = "#{email_msg_body}\n#{data_sig}"
 			end
 
@@ -172,7 +212,7 @@ class Metasploit3 < Msf::Auxiliary
 
 			if attachment
 				if attachment_file_name
-					data_attachment = File.open(attachment_file, 'rb').read
+					data_attachment = load_file(attachment_file)
 					mime_msg.add_part(Rex::Text.encode_base64(data_attachment, "\r\n"), attachment_file_type, "base64", "attachment; filename=\"#{attachment_file_name}\"")
 				end
 			end

modules/auxiliary/gather/d20pass.rb

@@ -240,19 +240,20 @@ class Metasploit3 < Msf::Auxiliary
 
 	def parse(fh)
 		print_status("Parsing file")
-		f = File.open(fh.path, 'rb')
-		used = f.read(4)
-		if used != "USED"
-			print_error "Invalid Configuration File!"
-			return
-		end
-		f.seek(0x38)
-		start = makefptr(f.read(4))
-		userptr = findentry(f, "B014USER", start)
-		if userptr != nil
-			parseusers(f, userptr)
-		else
-			print_error "Error finding the user table in the configuration."
+		File.open(fh.path, 'rb') do |f|
+			used = f.read(4)
+			if used != "USED"
+				print_error "Invalid Configuration File!"
+				return
+			end
+			f.seek(0x38)
+			start = makefptr(f.read(4))
+			userptr = findentry(f, "B014USER", start)
+			if userptr != nil
+				parseusers(f, userptr)
+			else
+				print_error "Error finding the user table in the configuration."
+			end
 		end
 	end
 

modules/auxiliary/scanner/sap/sap_icm_urlscan.rb

@@ -81,9 +81,10 @@ class Metasploit3 < Msf::Auxiliary
 
 			# Load URLs
 			urls_to_check = []
-			f = File.open(url_file)
-			f.each_line do |line|
-				urls_to_check.push line
+			File.open(url_file) do |f|
+				f.each_line do |line|
+					urls_to_check.push line
+				end
 			end
 
 			print_status("#{rhost}:#{rport} Beginning URL check")

modules/post/windows/gather/enum_chrome.rb

@@ -84,8 +84,8 @@ class Metasploit3 < Msf::Post
 
 
 	def parse_prefs(username, filepath)
-		f = File.open(filepath, 'rb')
-		until f.eof
+		prefs = ''
+		File.open(filepath, 'rb') do |f|
 			prefs = f.read
 		end
 		results = ActiveSupport::JSON.decode(prefs)