* [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks
@ 2017-08-17 17:09 Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Phil Sutter @ 2017-08-17 17:09 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
This series collects patches from v1 which deal with potential file
descriptor leaks.
No changes to the actual patches, just splitting into smaller series.
Phil Sutter (2):
ss: Don't leak fd in tcp_show_netlink_file()
tc/em_ipset: Don't leak sockfd on error path
misc/ss.c | 32 ++++++++++++++++++++------------
tc/em_ipset.c | 1 +
2 files changed, 21 insertions(+), 12 deletions(-)
--
2.13.1
^ permalink raw reply [flat|nested] 4+ messages in thread* [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() 2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter @ 2017-08-17 17:09 ` Phil Sutter 2017-08-17 17:09 ` [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path Phil Sutter 2017-08-18 16:18 ` [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Stephen Hemminger 2 siblings, 0 replies; 4+ messages in thread From: Phil Sutter @ 2017-08-17 17:09 UTC (permalink / raw) To: Stephen Hemminger; +Cc: netdev Signed-off-by: Phil Sutter <phil@nwl.cc> --- misc/ss.c | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/misc/ss.c b/misc/ss.c index d767b1103ea81..07eecfa7a36db 100644 --- a/misc/ss.c +++ b/misc/ss.c @@ -2687,41 +2687,44 @@ static int tcp_show_netlink_file(struct filter *f) { FILE *fp; char buf[16384]; + int err = -1; if ((fp = fopen(getenv("TCPDIAG_FILE"), "r")) == NULL) { perror("fopen($TCPDIAG_FILE)"); - return -1; + return err; } while (1) { - int status, err; + int status, err2; struct nlmsghdr *h = (struct nlmsghdr *)buf; struct sockstat s = {}; status = fread(buf, 1, sizeof(*h), fp); if (status < 0) { perror("Reading header from $TCPDIAG_FILE"); - return -1; + break; } if (status != sizeof(*h)) { perror("Unexpected EOF reading $TCPDIAG_FILE"); - return -1; + break; } status = fread(h+1, 1, NLMSG_ALIGN(h->nlmsg_len-sizeof(*h)), fp); if (status < 0) { perror("Reading $TCPDIAG_FILE"); - return -1; + break; } if (status + sizeof(*h) < h->nlmsg_len) { perror("Unexpected EOF reading $TCPDIAG_FILE"); - return -1; + break; } /* The only legal exit point */ - if (h->nlmsg_type == NLMSG_DONE) - return 0; + if (h->nlmsg_type == NLMSG_DONE) { + err = 0; + break; + } if (h->nlmsg_type == NLMSG_ERROR) { struct nlmsgerr *err = (struct nlmsgerr *)NLMSG_DATA(h); @@ -2732,7 +2735,7 @@ static int tcp_show_netlink_file(struct filter *f) errno = -err->error; perror("TCPDIAG answered"); } - return -1; + break; } parse_diag_msg(h, &s); @@ -2741,10 +2744,15 @@ static int tcp_show_netlink_file(struct filter *f) if (f && f->f && run_ssfilter(f->f, &s) == 0) continue; - err = inet_show_sock(h, &s); - if (err < 0) - return err; + err2 = inet_show_sock(h, &s); + if (err2 < 0) { + err = err2; + break; + } } + + fclose(fp); + return err; } static int tcp_show(struct filter *f, int socktype) -- 2.13.1 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path 2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter 2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter @ 2017-08-17 17:09 ` Phil Sutter 2017-08-18 16:18 ` [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Stephen Hemminger 2 siblings, 0 replies; 4+ messages in thread From: Phil Sutter @ 2017-08-17 17:09 UTC (permalink / raw) To: Stephen Hemminger; +Cc: netdev Signed-off-by: Phil Sutter <phil@nwl.cc> --- tc/em_ipset.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tc/em_ipset.c b/tc/em_ipset.c index fab975f5ea563..b59756515d239 100644 --- a/tc/em_ipset.c +++ b/tc/em_ipset.c @@ -84,6 +84,7 @@ static int get_version(unsigned int *version) res = getsockopt(sockfd, SOL_IP, SO_IP_SET, &req_version, &size); if (res != 0) { perror("xt_set getsockopt"); + close(sockfd); return -1; } -- 2.13.1 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks 2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter 2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter 2017-08-17 17:09 ` [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path Phil Sutter @ 2017-08-18 16:18 ` Stephen Hemminger 2 siblings, 0 replies; 4+ messages in thread From: Stephen Hemminger @ 2017-08-18 16:18 UTC (permalink / raw) To: Phil Sutter; +Cc: netdev On Thu, 17 Aug 2017 19:09:29 +0200 Phil Sutter <phil@nwl.cc> wrote: > This series collects patches from v1 which deal with potential file > descriptor leaks. > > No changes to the actual patches, just splitting into smaller series. > > Phil Sutter (2): > ss: Don't leak fd in tcp_show_netlink_file() > tc/em_ipset: Don't leak sockfd on error path > > misc/ss.c | 32 ++++++++++++++++++++------------ > tc/em_ipset.c | 1 + > 2 files changed, 21 insertions(+), 12 deletions(-) > Applied ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-08-18 16:18 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter 2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter 2017-08-17 17:09 ` [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path Phil Sutter 2017-08-18 16:18 ` [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Stephen Hemminger
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox