From ec0c3f9c2ca9a9080f876944ddac5f0a583b5b11 Mon Sep 17 00:00:00 2001
From: Marcus Perlick <38723273+marcusperlick@users.noreply.github.com>
Date: Mon, 10 Mar 2025 09:24:49 +0100
Subject: [PATCH] Fix potential leak of HTTP response body in downloadJSON of
 csaf_aggregator (#618)

---
 cmd/csaf_aggregator/client.go | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/cmd/csaf_aggregator/client.go b/cmd/csaf_aggregator/client.go
index 916baa5..abd475c 100644
--- a/cmd/csaf_aggregator/client.go
+++ b/cmd/csaf_aggregator/client.go
@@ -10,6 +10,7 @@ package main
 
 import (
 	"errors"
+	"fmt"
 	"io"
 	"net/http"
 
@@ -20,13 +21,14 @@ var errNotFound = errors.New("not found")
 
 func downloadJSON(c util.Client, url string, found func(io.Reader) error) error {
 	res, err := c.Get(url)
-	if err != nil || res.StatusCode != http.StatusOK ||
+	if err != nil {
+		return fmt.Errorf("not found: %w", err)
+	}
+	defer res.Body.Close()
+	if res.StatusCode != http.StatusOK ||
 		res.Header.Get("Content-Type") != "application/json" {
 		// ignore this as it is expected.
 		return errNotFound
 	}
-	return func() error {
-		defer res.Body.Close()
-		return found(res.Body)
-	}()
+	return found(res.Body)
 }