1 files changed, 6 insertions, 5 deletions

diff --git a/lib/tcbfuncs.c b/lib/tcbfuncs.c
index 1ed5d03..b5915fc 100644
--- a/lib/tcbfuncs.c
+++ b/lib/tcbfuncs.c
@@ -141,7 +141,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
 		         shadow_progname, link);
 		return NULL;
 	}
-	link[(size_t)ret] = '\0';
+	link[ret] = '\0';
 	rval = strdup (link);
 	if (NULL == rval) {
 		OUT_OF_MEMORY;
@@ -527,7 +527,7 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
 	struct stat tcbdir_stat;
 	gid_t shadowgid, authgid;
 	struct group *gr;
-	int fd;
+	int fd = -1;
 	shadowtcb_status ret = SHADOWTCB_FAILURE;
 
 	if (!getdef_bool ("USE_TCB")) {
@@ -566,14 +566,13 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
 		         shadow_progname, shadow, strerror (errno));
 		goto out_free;
 	}
-	close (fd);
-	if (chown (shadow, 0, authgid) != 0) {
+	if (fchown (fd, 0, authgid) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change owner of %s: %s\n"),
 		         shadow_progname, shadow, strerror (errno));
 		goto out_free;
 	}
-	if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
+	if (fchmod (fd, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
 		fprintf (shadow_logfd,
 		         _("%s: Cannot change mode of %s: %s\n"),
 		         shadow_progname, shadow, strerror (errno));
@@ -597,6 +596,8 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
 	}
 	ret = SHADOWTCB_SUCCESS;
 out_free:
+	if (fd != -1)
+		close(fd);
 	free (dir);
 	free (shadow);
 	return ret;