* [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks
@ 2017-08-17 17:09 Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Phil Sutter @ 2017-08-17 17:09 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
This series collects patches from v1 which deal with potential file
descriptor leaks.
No changes to the actual patches, just splitting into smaller series.
Phil Sutter (2):
ss: Don't leak fd in tcp_show_netlink_file()
tc/em_ipset: Don't leak sockfd on error path
misc/ss.c | 32 ++++++++++++++++++++------------
tc/em_ipset.c | 1 +
2 files changed, 21 insertions(+), 12 deletions(-)
--
2.13.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file()
2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter
@ 2017-08-17 17:09 ` Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path Phil Sutter
2017-08-18 16:18 ` [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Stephen Hemminger
2 siblings, 0 replies; 4+ messages in thread
From: Phil Sutter @ 2017-08-17 17:09 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
misc/ss.c | 32 ++++++++++++++++++++------------
1 file changed, 20 insertions(+), 12 deletions(-)
diff --git a/misc/ss.c b/misc/ss.c
index d767b1103ea81..07eecfa7a36db 100644
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -2687,41 +2687,44 @@ static int tcp_show_netlink_file(struct filter *f)
{
FILE *fp;
char buf[16384];
+ int err = -1;
if ((fp = fopen(getenv("TCPDIAG_FILE"), "r")) == NULL) {
perror("fopen($TCPDIAG_FILE)");
- return -1;
+ return err;
}
while (1) {
- int status, err;
+ int status, err2;
struct nlmsghdr *h = (struct nlmsghdr *)buf;
struct sockstat s = {};
status = fread(buf, 1, sizeof(*h), fp);
if (status < 0) {
perror("Reading header from $TCPDIAG_FILE");
- return -1;
+ break;
}
if (status != sizeof(*h)) {
perror("Unexpected EOF reading $TCPDIAG_FILE");
- return -1;
+ break;
}
status = fread(h+1, 1, NLMSG_ALIGN(h->nlmsg_len-sizeof(*h)), fp);
if (status < 0) {
perror("Reading $TCPDIAG_FILE");
- return -1;
+ break;
}
if (status + sizeof(*h) < h->nlmsg_len) {
perror("Unexpected EOF reading $TCPDIAG_FILE");
- return -1;
+ break;
}
/* The only legal exit point */
- if (h->nlmsg_type == NLMSG_DONE)
- return 0;
+ if (h->nlmsg_type == NLMSG_DONE) {
+ err = 0;
+ break;
+ }
if (h->nlmsg_type == NLMSG_ERROR) {
struct nlmsgerr *err = (struct nlmsgerr *)NLMSG_DATA(h);
@@ -2732,7 +2735,7 @@ static int tcp_show_netlink_file(struct filter *f)
errno = -err->error;
perror("TCPDIAG answered");
}
- return -1;
+ break;
}
parse_diag_msg(h, &s);
@@ -2741,10 +2744,15 @@ static int tcp_show_netlink_file(struct filter *f)
if (f && f->f && run_ssfilter(f->f, &s) == 0)
continue;
- err = inet_show_sock(h, &s);
- if (err < 0)
- return err;
+ err2 = inet_show_sock(h, &s);
+ if (err2 < 0) {
+ err = err2;
+ break;
+ }
}
+
+ fclose(fp);
+ return err;
}
static int tcp_show(struct filter *f, int socktype)
--
2.13.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path
2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter
@ 2017-08-17 17:09 ` Phil Sutter
2017-08-18 16:18 ` [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Stephen Hemminger
2 siblings, 0 replies; 4+ messages in thread
From: Phil Sutter @ 2017-08-17 17:09 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
tc/em_ipset.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tc/em_ipset.c b/tc/em_ipset.c
index fab975f5ea563..b59756515d239 100644
--- a/tc/em_ipset.c
+++ b/tc/em_ipset.c
@@ -84,6 +84,7 @@ static int get_version(unsigned int *version)
res = getsockopt(sockfd, SOL_IP, SO_IP_SET, &req_version, &size);
if (res != 0) {
perror("xt_set getsockopt");
+ close(sockfd);
return -1;
}
--
2.13.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks
2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path Phil Sutter
@ 2017-08-18 16:18 ` Stephen Hemminger
2 siblings, 0 replies; 4+ messages in thread
From: Stephen Hemminger @ 2017-08-18 16:18 UTC (permalink / raw)
To: Phil Sutter; +Cc: netdev
On Thu, 17 Aug 2017 19:09:29 +0200
Phil Sutter <phil@nwl.cc> wrote:
> This series collects patches from v1 which deal with potential file
> descriptor leaks.
>
> No changes to the actual patches, just splitting into smaller series.
>
> Phil Sutter (2):
> ss: Don't leak fd in tcp_show_netlink_file()
> tc/em_ipset: Don't leak sockfd on error path
>
> misc/ss.c | 32 ++++++++++++++++++++------------
> tc/em_ipset.c | 1 +
> 2 files changed, 21 insertions(+), 12 deletions(-)
>
Applied
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-08-18 16:18 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-08-17 17:09 [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 1/2] ss: Don't leak fd in tcp_show_netlink_file() Phil Sutter
2017-08-17 17:09 ` [iproute PATCH v2 2/2] tc/em_ipset: Don't leak sockfd on error path Phil Sutter
2017-08-18 16:18 ` [iproute PATCH v2 0/2] Covscan: Fix potential file descriptor leaks Stephen Hemminger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox