[libvirt] [PATCH] Fix F_DUPFD_CLOEXEC operation args

From: "Daniel P. Berrange" <berrange@redhat.com> The F_DUPFD_CLOEXEC operation with fcntl() expects a single int argument, specifying the minimum FD number for the newly dup'd file descriptor. We were not specifying that causing random stack data to be accessed as the FD number. Sometimes that worked, sometimes it didn't. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- src/rpc/virnetsocket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index e950d7f..dcf98b1 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -1055,7 +1055,7 @@ int virNetSocketDupFD(virNetSocketPtr sock, bool cloexec) int fd; if (cloexec) - fd = fcntl(sock->fd, F_DUPFD_CLOEXEC); + fd = fcntl(sock->fd, F_DUPFD_CLOEXEC, 0); else fd = dup(sock->fd); if (fd < 0) { -- 1.8.2.1
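Review bot: The literal 0 added in the cloexec branch of virNetSocketDupFD carries meaning that the line itself does not show: per the commit message it is the minimum FD number for the new descriptor, so 0 gives the same lowest-available choice as the dup(sock->fd) in the else branch. A one-line comment above fcntl(sock->fd, F_DUPFD_CLOEXEC, 0) saying so would make it harder for the argument to be dropped again, and naming the commit that introduced the omission in the commit message would help anyone deciding on a backport.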

On 05/03/2013 04:12 AM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange" <berrange@redhat.com>
The F_DUPFD_CLOEXEC operation with fcntl() expects a single int argument, specifying the minimum FD number for the newly dup'd file descriptor. We were not specifying that causing random stack data to be accessed as the FD number. Sometimes that worked, sometimes it didn't.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- src/rpc/virnetsocket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Bug introduced in commit f4287c76 in Aug 2011. ACK.
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index e950d7f..dcf98b1 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -1055,7 +1055,7 @@ int virNetSocketDupFD(virNetSocketPtr sock, bool cloexec) int fd;
if (cloexec) - fd = fcntl(sock->fd, F_DUPFD_CLOEXEC); + fd = fcntl(sock->fd, F_DUPFD_CLOEXEC, 0); else fd = dup(sock->fd); if (fd < 0) {
-- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org

On 05/03/2013 06:06 AM, Eric Blake wrote:
On 05/03/2013 04:12 AM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange" <berrange@redhat.com>
The F_DUPFD_CLOEXEC operation with fcntl() expects a single int argument, specifying the minimum FD number for the newly dup'd file descriptor. We were not specifying that causing random stack data to be accessed as the FD number. Sometimes that worked, sometimes it didn't.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- src/rpc/virnetsocket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Bug introduced in commit f4287c76 in Aug 2011. ACK.
I feel stupid for my poor review of this: https://www.redhat.com/archives/libvir-list/2011-August/msg00588.html
A cast is not needed (the arg is int, not long), but the arg IS needed, just as F_DUPFD needs an arg.
/me goes and hangs head in shame for a few minutes ;(
-- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
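The behaviour discussed in this thread, as an added example that is not part of the original messages or of libvirt's code: it passes the required int minimum-FD argument to F_DUPFD_CLOEXEC and checks that the duplicate carries FD_CLOEXEC while a plain dup() does not. The names dup_cloexec_min, has_cloexec, demo and MIN_FD are made up for this illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* F_DUPFD_CLOEXEC is POSIX.1-2008 */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

#define MIN_FD 64   /* constructed sample value for the minimum FD number */

/* Hypothetical helper, not libvirt code: duplicate fd with close-on-exec set
 * in the same call. The third fcntl() argument is an int giving the lowest
 * acceptable number for the new descriptor and must always be supplied. */
static int dup_cloexec_min(int fd, int min_fd)
{
    return fcntl(fd, F_DUPFD_CLOEXEC, min_fd);
}

/* Returns 1 if FD_CLOEXEC is set on fd, 0 if it is clear, -1 on error. */
static int has_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags < 0 ? -1 : (flags & FD_CLOEXEC) != 0;
}

/* Returns 0 when every check passes, otherwise the number of the failed step. */
static int demo(void)
{
    int p[2], rc = 0;
    if (pipe(p) < 0)
        return 1;
    int low = dup_cloexec_min(p[0], 0);        /* lowest free fd, like dup() */
    int high = dup_cloexec_min(p[0], MIN_FD);  /* lowest free fd >= MIN_FD */
    int plain = dup(p[0]);                     /* no close-on-exec flag */
    if (low < 0 || has_cloexec(low) != 1)
        rc = 2;
    else if (high < MIN_FD || has_cloexec(high) != 1)
        rc = 3;
    else if (plain < 0 || has_cloexec(plain) != 0)
        rc = 4;
    close(low); close(high); close(plain); close(p[0]); close(p[1]);
    return rc;
}

int main(void)
{
    int rc = demo();
    printf("demo: %s (step %d)\n", rc ? "failed" : "ok", rc);
    return rc;
}
```

Building with -Wall does not flag a missing third argument, because fcntl() is declared variadic; the check has to come from review or a wrapper like the one above.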

On 03/05/2013 06:12, Daniel P. Berrange wrote:
From: "Daniel P. Berrange" <berrange@redhat.com>
The F_DUPFD_CLOEXEC operation with fcntl() expects a single int argument, specifying the minimum FD number for the newly dup'd file descriptor. We were not specifying that causing random stack data to be accessed as the FD number. Sometimes that worked, sometimes it didn't.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- src/rpc/virnetsocket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index e950d7f..dcf98b1 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -1055,7 +1055,7 @@ int virNetSocketDupFD(virNetSocketPtr sock, bool cloexec) int fd;
if (cloexec) - fd = fcntl(sock->fd, F_DUPFD_CLOEXEC); + fd = fcntl(sock->fd, F_DUPFD_CLOEXEC, 0); else fd = dup(sock->fd); if (fd < 0) {
Hi Cole, can you add this to 1.0.5-maint please? Thanks! Paolo

On 06/11/2013 10:51 AM, Paolo Bonzini wrote:
On 03/05/2013 06:12, Daniel P. Berrange wrote:
From: "Daniel P. Berrange" <berrange@redhat.com>
The F_DUPFD_CLOEXEC operation with fcntl() expects a single int argument, specifying the minimum FD number for the newly dup'd file descriptor. We were not specifying that causing random stack data to be accessed as the FD number. Sometimes that worked, sometimes it didn't.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- src/rpc/virnetsocket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c index e950d7f..dcf98b1 100644 --- a/src/rpc/virnetsocket.c +++ b/src/rpc/virnetsocket.c @@ -1055,7 +1055,7 @@ int virNetSocketDupFD(virNetSocketPtr sock, bool cloexec) int fd;
if (cloexec) - fd = fcntl(sock->fd, F_DUPFD_CLOEXEC); + fd = fcntl(sock->fd, F_DUPFD_CLOEXEC, 0); else fd = dup(sock->fd); if (fd < 0) {
Hi Cole,
can you add this to 1.0.5-maint please?
As mentioned on IRC, looks like this is already in 1.0.5-maint and was released in 1.0.5.1 - Cole
participants (4)
- Cole Robinson
- Daniel P. Berrange
- Eric Blake
- Paolo Bonzini