From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:40241) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aIjbP-0001gM-QC for qemu-devel@nongnu.org; Mon, 11 Jan 2016 16:02:12 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aIjbL-0004EL-Q7 for qemu-devel@nongnu.org; Mon, 11 Jan 2016 16:02:11 -0500 Received: from mx1.redhat.com ([209.132.183.28]:57697) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aIjbL-0004E8-K7 for qemu-devel@nongnu.org; Mon, 11 Jan 2016 16:02:07 -0500 Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (Postfix) with ESMTPS id 9D487744 for ; Mon, 11 Jan 2016 21:02:06 +0000 (UTC) References: <1452517549-8515-1-git-send-email-berrange@redhat.com> From: Paolo Bonzini Message-ID: <5694184A.8000501@redhat.com> Date: Mon, 11 Jan 2016 22:02:02 +0100 MIME-Version: 1.0 In-Reply-To: <1452517549-8515-1-git-send-email-berrange@redhat.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH] io: some fixes to handling of /dev/null when running commands List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" , qemu-devel@nongnu.org On 11/01/2016 14:05, Daniel P. Berrange wrote: > The /dev/null file handle was leaked in a couple of places. > There is also the possibility that both readfd and writefd > point to the same /dev/null file handle, so care must be > taken not to close the same file handle twice. > > Signed-off-by: Daniel P. Berrange > --- > io/channel-command.c | 22 ++++++++++++++++------ > 1 file changed, 16 insertions(+), 6 deletions(-) > > diff --git a/io/channel-command.c b/io/channel-command.c > index a220fe8..a9c67aa 100644 > --- a/io/channel-command.c > +++ b/io/channel-command.c > @@ -66,7 +66,7 @@ qio_channel_command_new_spawn(const char *const argv[], > > if (stdinnull || stdoutnull) { > devnull = open("/dev/null", O_RDWR); > - if (!devnull) { > + if (devnull < 0) { > error_setg_errno(errp, errno, > "Unable to open /dev/null"); > goto error; > @@ -98,6 +98,9 @@ qio_channel_command_new_spawn(const char *const argv[], > close(stdoutfd[0]); > close(stdoutfd[1]); > } > + if (devnull != -1) { > + close(devnull); > + } > > execv(argv[0], (char * const *)argv); > _exit(1); > @@ -117,6 +120,9 @@ qio_channel_command_new_spawn(const char *const argv[], > return ioc; > > error: > + if (devnull != -1) { > + close(devnull); > + } > if (stdinfd[0] != -1) { > close(stdinfd[0]); > } > @@ -202,12 +208,12 @@ static void qio_channel_command_finalize(Object *obj) > QIOChannelCommand *ioc = QIO_CHANNEL_COMMAND(obj); > if (ioc->readfd != -1) { > close(ioc->readfd); > - ioc->readfd = -1; > } > - if (ioc->writefd != -1) { > + if (ioc->writefd != -1 && > + ioc->writefd != ioc->readfd) { > close(ioc->writefd); > - ioc->writefd = -1; > } > + ioc->writefd = ioc->readfd = -1; > if (ioc->pid > 0) { > #ifndef WIN32 > qio_channel_command_abort(ioc, NULL); > @@ -299,12 +305,16 @@ static int qio_channel_command_close(QIOChannel *ioc, > /* We close FDs before killing, because that > * gives a better chance of clean shutdown > */ > - if (close(cioc->writefd) < 0) { > + if (cioc->readfd != -1 && > + close(cioc->readfd) < 0) { > rv = -1; > } > - if (close(cioc->readfd) < 0) { > + if (cioc->writefd != -1 && > + cioc->writefd != cioc->readfd && > + close(cioc->writefd) < 0) { > rv = -1; > } > + cioc->writefd = cioc->readfd = -1; > #ifndef WIN32 > if (qio_channel_command_abort(cioc, errp) < 0) { > return -1; > Reviewed-by: Paolo Bonzini