From: Donald Hunter <donald.hunter@gmail.com>
To: Maks Mishin <maks.mishinfz@gmail.com>
Cc: Stephen Hemminger <stephen@networkplumber.org>, netdev@vger.kernel.org
Subject: Re: [PATCH] genl: Fix descriptor leak in get_genl_kind()
Date: Thu, 08 Feb 2024 13:22:27 +0000
Message-ID: <m28r3vt7jg.fsf@gmail.com>
In-Reply-To: <20240207200823.7229-1-maks.mishinFZ@gmail.com> (Maks Mishin's message of "Wed, 7 Feb 2024 23:08:23 +0300")

Maks Mishin <maks.mishinfz@gmail.com> writes:

> Signed-off-by: Maks Mishin <maks.mishinFZ@gmail.com>

The subject should say [PATCH iproute2] or [PATCH iproute2-next] since
it targets that project.

> ---
> genl/genl.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/genl/genl.c b/genl/genl.c
> index 85cc73bb..74100dad 100644
> --- a/genl/genl.c
> +++ b/genl/genl.c
> @@ -71,6 +71,9 @@ static struct genl_util *get_genl_kind(const char *str)
> snprintf(buf, sizeof(buf), "%s_genl_util", str);
>
> f = dlsym(dlh, buf);
> + if (dlh != NULL)
> + dlclose(dlh);

This is broken. If the earlier dlopen() actually loaded a .so then this
dlclose() will close it again, before f gets used. When f gets
dereferenced later, the program will crash. If this works at all, it is
because dlopen(NULL, ...) returns a handle to the main program, so
dlclose() doesn't unload it.

My assumption is that the author is leaving resources to be released at
program exit. It is a short-lived command line utility after all.

> +
> if (f == NULL)
> goto noexist;
> reg:
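
Review bot: the dlclose(dlh) added directly after f = dlsym(dlh, buf) releases the handle before f is compared against NULL and before anything past the reg: label can use it, so when dlh refers to a loaded shared object, f can be left pointing into an object that has been unloaded. The dlh != NULL test also comes after dlh has already been passed to dlsym(), so it does not guard that call. If the handle is closed at all, close it only on the f == NULL path before goto noexist, and otherwise keep it open for as long as f is reachable.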
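
The handle lifetime at issue in the reply above, as an added example that is not part of the thread and not iproute2 code: the dlopen() handle is closed only when the lookup fails, and otherwise stays open until the resolved symbol is no longer used. `struct loaded_sym`, `sym_load()` and `sym_release()` are hypothetical names, and the `strlen` lookup on the main program is a constructed sample.

```c
#include <dlfcn.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical record: the handle and the symbol resolved from it share one lifetime. */
struct loaded_sym {
	void *dlh;   /* dlopen() handle, NULL when nothing is loaded */
	void *sym;   /* address from dlsym(), valid only while dlh is open */
};

/* Resolve `name` from `path` (NULL means the main program).
 * Returns 0 on success; the caller then owns ls->dlh.
 * Returns -1 on failure, with the handle already closed so nothing leaks. */
int sym_load(struct loaded_sym *ls, const char *path, const char *name)
{
	ls->sym = NULL;
	ls->dlh = dlopen(path, RTLD_NOW);
	if (ls->dlh == NULL)
		return -1;

	ls->sym = dlsym(ls->dlh, name);
	if (ls->sym == NULL) {
		/* Failure path: no pointer into the object escapes, safe to close. */
		dlclose(ls->dlh);
		ls->dlh = NULL;
		return -1;
	}
	return 0;   /* success: handle stays open for as long as sym is used */
}

/* Drop the symbol first, then the handle that backs it. */
void sym_release(struct loaded_sym *ls)
{
	ls->sym = NULL;
	if (ls->dlh != NULL) {
		dlclose(ls->dlh);
		ls->dlh = NULL;
	}
}

int main(void)
{
	struct loaded_sym ls;

	if (sym_load(&ls, NULL, "strlen") != 0)   /* constructed sample lookup */
		return 1;
	printf("resolved at %p, handle still open\n", ls.sym);
	sym_release(&ls);
	return 0;
}
```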