Changeset 247

Timestamp:

Sep 17, 2009, 10:22:48 PM (15 years ago)

Author:

katerina

Message:

Fix a race condition that might have caused ticket #163.

Location:

trunk

Files:

• configure.ac (modified) (1 diff)
• docs/Changelog (modified) (2 diffs)
• src/sh_extern.c (modified) (2 diffs)
• src/sh_gpg.c (modified) (2 diffs)
• src/sh_hash.c (modified) (3 diffs)
• src/sh_unix.c (modified) (2 diffs)
• src/slib.c (modified) (6 diffs)

trunk/configure.ac

@@ -12 +12 @@
 dnl start
 dnl
-AM_INIT_AUTOMAKE(samhain, 2.5.8a)
+AM_INIT_AUTOMAKE(samhain, 2.5.9a)
 AC_DEFINE([SAMHAIN], 1, [Application is samhain])
 AC_CANONICAL_HOST

trunk/docs/Changelog

@@ -1 @@
-2.5.9:
+2.5.9a:
+        * fixed a race condition in closing of file handles
+
+2.5.9 (11-09-2009):
         * added code to generate directory for pid file, since it
           would get cleaned if /var/run is a tmpfs mount (problem
@@ -5 +8 @@
         * fixed a bug that prevented reporting of user/executable path
           for open UDP ports (issue reported by N. Rath)
-
-2.5.8a:
+        * added more debugging code
+
+2.5.8a (18-08-2009):
         * fixed a bug in sh_files.c that would prevent samhain from
           running on MacOS X (reported by David)
 
-2.5.8:
+2.5.8 (06-08-2009):
         * fixed a bug in the MX resolver routine which causes it to fail 
           sometimes (issue reported by N. Rath).

trunk/src/sh_extern.c

@@ -391 +391 @@
                       _exit(EXIT_FAILURE);
                     }
+
                   pfd = get_the_fd(fd);
+
+                  do {
+                    val_return = dup (pfd);
+                  } while (val_return < 0 && errno == EINTR);
+                  pfd = val_return;
+                  if (pfd < 0)
+                    {
+                      PDBGC_S("fexecve: dup (2) failed");
+                      _exit(EXIT_FAILURE);
+                    }
+                  sl_close(fd);
+                  fd = -1;
                 }
 #endif
@@ -426 +439 @@
                 sl_close(fd);
               else if (pfd != -1)
-                close(fd);
+                close(pfd);
             }
 #endif

trunk/src/sh_gpg.c

@@ -263 +263 @@
 
 #if defined(HAVE_GPG_CHECKSUM)
-  SL_TICKET   checkfd;
+  SL_TICKET   checkfd = -1;
   int         myrand;
   int         i;
@@ -560 +560 @@
        */
       sl_close(checkfd);
+      checkfd = -1;
 #endif
 

trunk/src/sh_hash.c

@@ -820 +820 @@
     }
 
-  sh_fin_fd = fdopen(get_the_fd(fd), "rb");
+  sh_fin_fd = fdopen(dup(get_the_fd(fd)), "rb");
   if (!sh_fin_fd)
     {
@@ -1128 +1128 @@
 #if defined(WITH_GPG) || defined(WITH_PGP)
   extern int get_the_fd (SL_TICKET ticket);
-  FILE *   fin_cp;
+  FILE *   fin_cp = NULL;
 
   char * buf  = NULL;
@@ -1243 +1243 @@
   fdTmp = open_tmp();
 
-  fin_cp = fdopen(get_the_fd(fd), "rb");
+  fin_cp = fdopen(dup(get_the_fd(fd)), "rb");
   buf = SH_ALLOC(FGETS_BUF);
 

trunk/src/sh_unix.c

@@ -1279 +1279 @@
     fdlimit = 65536;
 
+  if (!inchild)
+    sl_dropall (fdx, except);
+  else
+    sl_dropall_dirty (fdx, except);
+
   /* Close everything from fd (inclusive) up to fdlimit (exclusive). 
    */
@@ -1290 +1295 @@
         close(fd++);
     }
-
-  if (!inchild)
-    sl_dropall (fdx, except);
-  else
-    sl_dropall_dirty (fdx, except);
 
   SL_RET0(_("sh_unix_closeall"));

trunk/src/slib.c

@@ -1674 +1674 @@
   if ( (ofiles[fd]->path = (char *) malloc(len) ) == NULL)
     {
-      free(ofiles[fd]);
+      free (ofiles[fd]);
       ofiles[fd] = NULL;
       SL_IRETURN(SL_EMEM, _("sl_make_ticket"));
@@ -1687 +1687 @@
       (void) free (ofiles[fd]->path);
       (void) free (ofiles[fd]);
+      ofiles[fd] = NULL;
       SL_IRETURN(ticket, _("sl_make_ticket"));
     }
@@ -1935 +1936 @@
   if ( (ofiles[fd]->path = (char *) malloc(len) ) == NULL)
     {
-      free(ofiles[fd]);
+      free (ofiles[fd]);
       ofiles[fd] = NULL;
       close(fd);
@@ -1949 +1950 @@
       (void) free (ofiles[fd]->path);
       (void) free (ofiles[fd]);
+      ofiles[fd] = NULL;
       close(fd);
       SL_IRETURN(ticket, _("sl_open_file"));
@@ -2209 +2211 @@
     SL_IRETURN(fd, _("sl_close"));
 
+  if (ofiles[fd] != NULL)
+    {
 #if defined(HAVE_POSIX_FADVISE) && defined(HAVE_MINCORE) && defined(POSIX_FADV_DONTNEED)
-
-  if (ofiles[fd]->flush == SL_TRUE)
-    {
-      posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED);
-    }
-
-#endif
+      if (ofiles[fd]->flush == SL_TRUE)
+        {
+          posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED);
+        }
+#endif
+      if (ofiles[fd]->content)
+        sh_string_destroy(&(ofiles[fd]->content));
+      (void) free (ofiles[fd]->path);
+      (void) free (ofiles[fd]);
+      ofiles[fd] = NULL;
+    }
 
   /* This may fail, but what to do then ?
    */
-  if (0 != close(fd) && ofiles[fd] != NULL)
+  if (0 != close(fd))
     {
       TPT((0, FIL__, __LINE__, 
-           _("msg=<Error closing file.>, path=<%s>, fd=<%d>, err=<%s>\n"), 
-           ofiles[fd]->path, fd, strerror(errno)));
-    }
-
-  if (ofiles[fd] != NULL)
-    {
-      if (ofiles[fd]->content)
-        sh_string_destroy(&(ofiles[fd]->content));
-      (void) free(ofiles[fd]->path);
-      (void) free(ofiles[fd]);
-      ofiles[fd] = NULL;
+           _("msg=<Error closing file.>, fd=<%d>, err=<%s>\n"), 
+           fd, strerror(errno)));
     }
 
@@ -2248 +2247 @@
             sh_string_destroy(&(ofiles[fd]->content));
           if (ofiles[fd]->path != NULL)
-            (void) free(ofiles[fd]->path);
-          (void) free(ofiles[fd]);
+            (void) free (ofiles[fd]->path);
+          (void) free (ofiles[fd]);
           ofiles[fd] = NULL;
         }