[Reproducible-commits] [dpkg] 04/10: s-s-d: Do not leak kvm descriptors
Holger Levsen
holger at layer-acht.org
Tue May 3 08:44:18 UTC 2016
This is an automated email from the git hooks/post-receive script.
holger pushed a commit to annotated tag 1.17.25
in repository dpkg.
commit eaa073bc37901a6d8c46abc9fa5e7ec5551df04b
Author: Guillem Jover <guillem at debian.org>
Date: Sun Mar 1 22:22:04 2015 +0100
s-s-d: Do not leak kvm descriptors
We should close the kvm instances after every operation, so not to leak
them, as they might exhaust the file descriptor pool, or leak into the
started process.
Closes: #779467
Based-on-patch-by: Jeff Epler <jepler at unpythonic.net>
---
debian/changelog | 4 ++++
utils/start-stop-daemon.c | 44 ++++++++++++++++++++++++++++++++++----------
2 files changed, 38 insertions(+), 10 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 8238c6e..c53b757 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,9 @@
dpkg (1.17.25) UNRELEASED; urgency=low
+ [ Guillem Jover ]
+ * Do not leak kvm descriptors in start-stop-daemon on GNU/kFreeBSD systems.
+ Based on a patch by Jeff Epler <jepler at unpythonic.net>. Closes: #779467
+
[ Updated programs translations ]
* Dutch (Frans Spiesschaert). Closes: #779953
* Hungarian (Úr Balázs).
diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c
index 6aebe9b..5ab6df5 100644
--- a/utils/start-stop-daemon.c
+++ b/utils/start-stop-daemon.c
@@ -1374,11 +1374,12 @@ pid_is_exec(pid_t pid, const struct stat *esb)
char buf[_POSIX2_LINE_MAX];
char **pid_argv_p;
char *start_argv_0_p, *end_argv_0_p;
+ bool res = false;
kd = ssd_kvm_open();
kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
if (kp == NULL)
- return false;
+ goto cleanup;
pid_argv_p = kvm_getargv(kd, kp, argv_len);
if (pid_argv_p == NULL)
@@ -1403,9 +1404,14 @@ pid_is_exec(pid_t pid, const struct stat *esb)
}
if (stat(start_argv_0_p, &sb) != 0)
- return false;
+ goto cleanup;
- return (sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino);
+ res = (sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
}
#endif
@@ -1460,11 +1466,12 @@ pid_is_child(pid_t pid, pid_t ppid)
kvm_t *kd;
struct kinfo_proc *kp;
pid_t proc_ppid;
+ bool res = false;
kd = ssd_kvm_open();
kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
if (kp == NULL)
- return false;
+ goto cleanup;
#if defined(OSFreeBSD)
proc_ppid = kp->ki_ppid;
@@ -1476,7 +1483,12 @@ pid_is_child(pid_t pid, pid_t ppid)
proc_ppid = kp->kp_proc.p_ppid;
#endif
- return proc_ppid == ppid;
+ res = (proc_ppid == ppid);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
}
#endif
@@ -1518,11 +1530,12 @@ pid_is_user(pid_t pid, uid_t uid)
kvm_t *kd;
uid_t proc_uid;
struct kinfo_proc *kp;
+ bool res = false;
kd = ssd_kvm_open();
kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
if (kp == NULL)
- return false;
+ goto cleanup;
#if defined(OSFreeBSD)
proc_uid = kp->ki_ruid;
@@ -1535,10 +1548,15 @@ pid_is_user(pid_t pid, uid_t uid)
kvm_read(kd, (u_long)&(kp->kp_proc.p_cred->p_ruid),
&proc_uid, sizeof(uid_t));
else
- return false;
+ goto cleanup;
#endif
- return (proc_uid == (uid_t)uid);
+ res = (proc_uid == (uid_t)uid);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
}
#endif
@@ -1602,11 +1620,12 @@ pid_is_cmd(pid_t pid, const char *name)
kvm_t *kd;
struct kinfo_proc *kp;
char *process_name;
+ bool res = false;
kd = ssd_kvm_open();
kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
if (kp == NULL)
- return false;
+ goto cleanup;
#if defined(OSFreeBSD)
process_name = kp->ki_comm;
@@ -1618,7 +1637,12 @@ pid_is_cmd(pid_t pid, const char *name)
process_name = kp->kp_proc.p_comm;
#endif
- return (strcmp(name, process_name) == 0);
+ res = (strcmp(name, process_name) == 0);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
}
#endif
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/dpkg.git
More information about the Reproducible-commits
mailing list