Index: trunk/configure.ac =================================================================== --- trunk/configure.ac (revision 246) +++ trunk/configure.ac (revision 247) @@ -12,5 +12,5 @@ dnl start dnl -AM_INIT_AUTOMAKE(samhain, 2.5.8a) +AM_INIT_AUTOMAKE(samhain, 2.5.9a) AC_DEFINE([SAMHAIN], 1, [Application is samhain]) AC_CANONICAL_HOST Index: trunk/docs/Changelog =================================================================== --- trunk/docs/Changelog (revision 246) +++ trunk/docs/Changelog (revision 247) @@ -1,3 +1,6 @@ -2.5.9: +2.5.9a: + * fixed a race condition in closing of file handles + +2.5.9 (11-09-2009): * added code to generate directory for pid file, since it would get cleaned if /var/run is a tmpfs mount (problem @@ -5,10 +8,11 @@ * fixed a bug that prevented reporting of user/executable path for open UDP ports (issue reported by N. Rath) - -2.5.8a: + * added more debugging code + +2.5.8a (18-08-2009): * fixed a bug in sh_files.c that would prevent samhain from running on MacOS X (reported by David) -2.5.8: +2.5.8 (06-08-2009): * fixed a bug in the MX resolver routine which causes it to fail sometimes (issue reported by N. Rath). Index: trunk/src/sh_extern.c =================================================================== --- trunk/src/sh_extern.c (revision 246) +++ trunk/src/sh_extern.c (revision 247) @@ -391,5 +391,18 @@ _exit(EXIT_FAILURE); } + pfd = get_the_fd(fd); + + do { + val_return = dup (pfd); + } while (val_return < 0 && errno == EINTR); + pfd = val_return; + if (pfd < 0) + { + PDBGC_S("fexecve: dup (2) failed"); + _exit(EXIT_FAILURE); + } + sl_close(fd); + fd = -1; } #endif @@ -426,5 +439,5 @@ sl_close(fd); else if (pfd != -1) - close(fd); + close(pfd); } #endif Index: trunk/src/sh_gpg.c =================================================================== --- trunk/src/sh_gpg.c (revision 246) +++ trunk/src/sh_gpg.c (revision 247) @@ -263,5 +263,5 @@ #if defined(HAVE_GPG_CHECKSUM) - SL_TICKET checkfd; + SL_TICKET checkfd = -1; int myrand; int i; @@ -560,4 +560,5 @@ */ sl_close(checkfd); + checkfd = -1; #endif Index: trunk/src/sh_hash.c =================================================================== --- trunk/src/sh_hash.c (revision 246) +++ trunk/src/sh_hash.c (revision 247) @@ -820,5 +820,5 @@ } - sh_fin_fd = fdopen(get_the_fd(fd), "rb"); + sh_fin_fd = fdopen(dup(get_the_fd(fd)), "rb"); if (!sh_fin_fd) { @@ -1128,5 +1128,5 @@ #if defined(WITH_GPG) || defined(WITH_PGP) extern int get_the_fd (SL_TICKET ticket); - FILE * fin_cp; + FILE * fin_cp = NULL; char * buf = NULL; @@ -1243,5 +1243,5 @@ fdTmp = open_tmp(); - fin_cp = fdopen(get_the_fd(fd), "rb"); + fin_cp = fdopen(dup(get_the_fd(fd)), "rb"); buf = SH_ALLOC(FGETS_BUF); Index: trunk/src/sh_unix.c =================================================================== --- trunk/src/sh_unix.c (revision 246) +++ trunk/src/sh_unix.c (revision 247) @@ -1279,4 +1279,9 @@ fdlimit = 65536; + if (!inchild) + sl_dropall (fdx, except); + else + sl_dropall_dirty (fdx, except); + /* Close everything from fd (inclusive) up to fdlimit (exclusive). */ @@ -1290,9 +1295,4 @@ close(fd++); } - - if (!inchild) - sl_dropall (fdx, except); - else - sl_dropall_dirty (fdx, except); SL_RET0(_("sh_unix_closeall")); Index: trunk/src/slib.c =================================================================== --- trunk/src/slib.c (revision 246) +++ trunk/src/slib.c (revision 247) @@ -1674,5 +1674,5 @@ if ( (ofiles[fd]->path = (char *) malloc(len) ) == NULL) { - free(ofiles[fd]); + free (ofiles[fd]); ofiles[fd] = NULL; SL_IRETURN(SL_EMEM, _("sl_make_ticket")); @@ -1687,4 +1687,5 @@ (void) free (ofiles[fd]->path); (void) free (ofiles[fd]); + ofiles[fd] = NULL; SL_IRETURN(ticket, _("sl_make_ticket")); } @@ -1935,5 +1936,5 @@ if ( (ofiles[fd]->path = (char *) malloc(len) ) == NULL) { - free(ofiles[fd]); + free (ofiles[fd]); ofiles[fd] = NULL; close(fd); @@ -1949,4 +1950,5 @@ (void) free (ofiles[fd]->path); (void) free (ofiles[fd]); + ofiles[fd] = NULL; close(fd); SL_IRETURN(ticket, _("sl_open_file")); @@ -2209,29 +2211,26 @@ SL_IRETURN(fd, _("sl_close")); + if (ofiles[fd] != NULL) + { #if defined(HAVE_POSIX_FADVISE) && defined(HAVE_MINCORE) && defined(POSIX_FADV_DONTNEED) - - if (ofiles[fd]->flush == SL_TRUE) - { - posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED); - } - -#endif + if (ofiles[fd]->flush == SL_TRUE) + { + posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED); + } +#endif + if (ofiles[fd]->content) + sh_string_destroy(&(ofiles[fd]->content)); + (void) free (ofiles[fd]->path); + (void) free (ofiles[fd]); + ofiles[fd] = NULL; + } /* This may fail, but what to do then ? */ - if (0 != close(fd) && ofiles[fd] != NULL) + if (0 != close(fd)) { TPT((0, FIL__, __LINE__, - _("msg=, path=<%s>, fd=<%d>, err=<%s>\n"), - ofiles[fd]->path, fd, strerror(errno))); - } - - if (ofiles[fd] != NULL) - { - if (ofiles[fd]->content) - sh_string_destroy(&(ofiles[fd]->content)); - (void) free(ofiles[fd]->path); - (void) free(ofiles[fd]); - ofiles[fd] = NULL; + _("msg=, fd=<%d>, err=<%s>\n"), + fd, strerror(errno))); } @@ -2248,6 +2247,6 @@ sh_string_destroy(&(ofiles[fd]->content)); if (ofiles[fd]->path != NULL) - (void) free(ofiles[fd]->path); - (void) free(ofiles[fd]); + (void) free (ofiles[fd]->path); + (void) free (ofiles[fd]); ofiles[fd] = NULL; }