coverity resource leak fixes

src/lxc/apparmor.c

@@ -36,6 +36,8 @@ again:
 	f = fopen(path, "r");
 	if (!f) {
 		SYSERROR("opening %s\n", path);
+		if (buf)
+			free(buf);
 		return NULL;
 	}
 	sz += 1024;

src/lxc/cgroup.c

@@ -69,8 +69,10 @@ static char *mount_has_subsystem(const struct mntent *mntent)
 		return 0;
 
 	/* skip the first line, which contains column headings */
-	if (!fgets(line, MAXPATHLEN, f))
+	if (!fgets(line, MAXPATHLEN, f)) {
+		fclose(f);
 		return 0;
+	}
 
 	while (fgets(line, MAXPATHLEN, f)) {
 		c = strchr(line, '\t');

src/lxc/conf.c

@@ -309,6 +309,7 @@ static int run_buffer(char *buffer)
 	output = malloc(LXC_LOG_BUFFER_SIZE);
 	if (!output) {
 		ERROR("failed to allocate memory for script output");
+		pclose(f);
 		return -1;
 	}
 
@@ -535,6 +536,7 @@ static int mount_rootfs_file(const char *rootfs, const char *target)
 		if (errno != ENXIO) {
 			WARN("unexpected error for ioctl on '%s': %m",
 			     direntp->d_name);
+			close(fd);
 			continue;
 		}
 
@@ -792,6 +794,7 @@ static int setup_rootfs_pivot_root_cb(char *buffer, void *data)
 	listentry->elem = strdup(mountpoint);
 	if (!listentry->elem) {
 		SYSERROR("strdup failed");
+		free(listentry);
 		return -1;
 	}
 	lxc_list_add_tail(mountlist, listentry);
@@ -1053,8 +1056,10 @@ int detect_shared_rootfs(void)
 		if (strcmp(p+1, "/") == 0) {
 			// this is '/'.  is it shared?
 			p = index(p2+1, ' ');
-			if (strstr(p, "shared:"))
+			if (strstr(p, "shared:")) {
+				fclose(f);
 				return 1;
+			}
 		}
 	}
 	fclose(f);

src/lxc/confile.c

@@ -1249,8 +1249,10 @@ static int config_mount(const char *key, const char *value,
 		return -1;
 
 	mntelem = strdup(value);
-	if (!mntelem)
+	if (!mntelem) {
+		free(mntlist);
 		return -1;
+	}
 	mntlist->elem = mntelem;
 
 	lxc_list_add_tail(&lxc_conf->mount_list, mntlist);