[libvirt] [PATCH] Avoid closing uninitialized FDs when LXC startup fails

From: "Daniel P. Berrange" <berrange@redhat.com> If an LXC domain failed to start because of a bogus SELinux label, virLXCProcessStart would call VIR_CLOSE(0) by mistake. This is because the code which initializes the member of the ttyFDs array to -1 got moved too far away from the place where the array is first allocated. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- src/lxc/lxc_process.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c index cad6402..942d375 100644 --- a/src/lxc/lxc_process.c +++ b/src/lxc/lxc_process.c @@ -1077,6 +1077,8 @@ int virLXCProcessStart(virConnectPtr conn, virReportOOMError(); goto cleanup; } + for (i = 0 ; i < vm->def->nconsoles ; i++) + ttyFDs[i] = -1; /* If you are using a SecurityDriver with dynamic labelling, then generate a security label for isolation */ @@ -1096,9 +1098,6 @@ int virLXCProcessStart(virConnectPtr conn, vm->def, NULL) < 0) goto cleanup; - for (i = 0 ; i < vm->def->nconsoles ; i++) - ttyFDs[i] = -1; - for (i = 0 ; i < vm->def->nconsoles ; i++) { char *ttyPath; if (vm->def->consoles[i]->source.type != VIR_DOMAIN_CHR_TYPE_PTY) { -- 1.8.1.4

On 03/13/2013 11:32 AM, Daniel P. Berrange wrote:
From: "Daniel P. Berrange" <berrange@redhat.com>
If an LXC domain failed to start because of a bogus SELinux label, virLXCProcessStart would call VIR_CLOSE(0) by mistake. This is because the code which initializes the member of the ttyFDs array to -1 got moved too far away from the place where the array is first allocated.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com> --- src/lxc/lxc_process.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-)
ACK.
+ for (i = 0 ; i < vm->def->nconsoles ; i++) + ttyFDs[i] = -1;
Is it any more efficient to write: memset(ttyFDs, -1, sizeof(ttyFDs[0]) * vm->def->nconsoles); But it's probably not a critical path, and I'm not sure the rewrite adds any legibility, so it is probably just a premature micro-optimization. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
participants (2)
-
Daniel P. Berrange
-
Eric Blake