From b3a7d07e66b027a56e57ba010998639ff0d6da86 Mon Sep 17 00:00:00 2001
From: Daniel Thayer <dnthayer@illinois.edu>
Date: Wed, 31 Aug 2016 14:07:44 -0500
Subject: [PATCH 1/2] Added a missing fclose in scan.l

On OS X, Bro was failing to startup without first using the "ulimit -n"
command to increase the allowed number of open files (OS X has a much
lower default limit than Linux or FreeBSD).
---
 src/scan.l | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/scan.l b/src/scan.l
index a6e37a67f7..a026b319f5 100644
--- a/src/scan.l
+++ b/src/scan.l
@@ -599,7 +599,12 @@ static int load_files(const char* orig_file)
 	ino_t i = get_inode_num(f, file_path);
 
 	if ( already_scanned(i) )
+		{
+		if ( f != stdin )
+			fclose(f);
+
 		return 0;
+		}
 
 	ScannedFile sf(i, file_stack.length(), file_path);
 	files_scanned.push_back(sf);

From 520ed43eae4ce7bcd8bb22cfd9cb6d138c4a4fd7 Mon Sep 17 00:00:00 2001
From: Daniel Thayer <dnthayer@illinois.edu>
Date: Wed, 31 Aug 2016 16:30:10 -0500
Subject: [PATCH 2/2] Added another missing fclose in scan.l

If someone uses an "@unload" directive in a bro script, then Bro
was neglecting to close the file.
---
 src/scan.l | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/scan.l b/src/scan.l
index a026b319f5..4fd2aac1c3 100644
--- a/src/scan.l
+++ b/src/scan.l
@@ -90,7 +90,10 @@ static ino_t get_inode_num(const string& path)
 	if ( ! f )
 		reporter->FatalError("failed to open %s\n", path.c_str());
 
-	return get_inode_num(f, path);
+	ino_t inum = get_inode_num(f, path);
+	fclose(f);
+
+	return inum;
 	}
 
 class FileInfo {