From f7dcdc8a6f63b172360019beb6e1e22e7c98f17d Mon Sep 17 00:00:00 2001
From: William Dauchy <w.dauchy@criteo.com>
Date: Wed, 12 Feb 2020 21:23:20 +0100
Subject: [PATCH] BUG/MINOR: namespace: avoid closing fd when socket failed in
 my_socketat

we cannot return right after socket opening as we need to move back to
the default namespace first

this should fix github issue #500

this might be backported to all version >= 1.6

Fixes: b3e54fe387c7c1 ("MAJOR: namespace: add Linux network namespace
support")
Signed-off-by: William Dauchy <w.dauchy@criteo.com>
---
 src/namespace.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/namespace.c b/src/namespace.c
index f23da48f8..89a968e36 100644
--- a/src/namespace.c
+++ b/src/namespace.c
@@ -121,7 +121,8 @@ int my_socketat(const struct netns_entry *ns, int domain, int type, int protocol
 	sock = socket(domain, type, protocol);
 
 	if (default_namespace >= 0 && ns && setns(default_namespace, CLONE_NEWNET) == -1) {
-		close(sock);
+		if (sock >= 0)
+			close(sock);
 		return -1;
 	}
 	return sock;