ALT Linux repositórios
Group :: Sistema/Servidores
RPM: dhcp
Navegação
Main Changelog Spec Patches Sources Download Gear Bugs e FR Repocop
Patch: 0014-Prevent-file-descriptors-leak.patch
Download
Download
From 0 Mon Sep 17 00:00:00 2001
From: Mikhail Efremov <sem@altlinux.org>
Date: Thu, 25 Oct 2012 17:17:14 +0400
Subject: [PATCH 14] Prevent file descriptors leak.
Set close-on-exec flag for file descriptors.
Based on dhcp-4.2.2-CLOEXEC.patch from Fedora.
diff --git a/dhcp/client/clparse.c b/dhcp/client/clparse.c
index defaced..defaced 100644
--- a/dhcp/client/clparse.c
+++ b/dhcp/client/clparse.c
@@ -281,7 +281,7 @@ int read_client_conf_file (const char *name, struct interface_info *ip,
int token;
isc_result_t status;
- if ((file = open (name, O_RDONLY)) < 0)
+ if ((file = open (name, O_RDONLY | O_CLOEXEC)) < 0)
return uerr2isc (errno);
cfile = NULL;
@@ -357,7 +357,7 @@ void read_client_leases ()
/* Open the lease file. If we can't open it, just return -
we can safely trust the server to remember our state. */
- if ((file = open (path_dhclient_db, O_RDONLY)) < 0)
+ if ((file = open (path_dhclient_db, O_RDONLY | O_CLOEXEC)) < 0)
return;
cfile = NULL;
diff --git a/dhcp/client/dhclient.c b/dhcp/client/dhclient.c
index defaced..defaced 100644
--- a/dhcp/client/dhclient.c
+++ b/dhcp/client/dhclient.c
@@ -3997,7 +3997,7 @@ void rewrite_client_leases ()
if (leaseFile != NULL)
fclose (leaseFile);
- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) { log_error ("can't create %s: %m", path_dhclient_db);return;
@@ -4192,7 +4192,7 @@ write_duid(struct data_string *duid)
return DHCP_R_INVALIDARG;
if (leaseFile == NULL) { /* XXX? */- leaseFile = fopen(path_dhclient_db, "w");
+ leaseFile = fopen(path_dhclient_db, "we");
if (leaseFile == NULL) { log_error("can't create %s: %m", path_dhclient_db);return ISC_R_IOERROR;
@@ -4396,7 +4396,7 @@ int write_client_lease (client, lease, rewrite, makesure)
return 1;
if (leaseFile == NULL) { /* XXX */- leaseFile = fopen (path_dhclient_db, "w");
+ leaseFile = fopen (path_dhclient_db, "we");
if (leaseFile == NULL) { log_error ("can't create %s: %m", path_dhclient_db);return 0;
diff --git a/dhcp/common/bpf.c b/dhcp/common/bpf.c
index defaced..defaced 100644
--- a/dhcp/common/bpf.c
+++ b/dhcp/common/bpf.c
@@ -94,7 +94,7 @@ int if_register_bpf (info)
for (b = 0; 1; b++) {/* %Audit% 31 bytes max. %2004.06.17,Safe% */
snprintf(filename, sizeof(filename), BPF_FORMAT, b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) { if (errno == EBUSY) {continue;
diff --git a/dhcp/common/dlpi.c b/dhcp/common/dlpi.c
index defaced..defaced 100644
--- a/dhcp/common/dlpi.c
+++ b/dhcp/common/dlpi.c
@@ -817,7 +817,7 @@ dlpiopen(const char *ifname) {}
*dp = '\0';
- return open (devname, O_RDWR, 0);
+ return open (devname, O_RDWR | O_CLOEXEC, 0);
}
/*
diff --git a/dhcp/common/nit.c b/dhcp/common/nit.c
index defaced..defaced 100644
--- a/dhcp/common/nit.c
+++ b/dhcp/common/nit.c
@@ -75,7 +75,7 @@ int if_register_nit (info)
struct strioctl sio;
/* Open a NIT device */
- sock = open ("/dev/nit", O_RDWR);+ sock = open ("/dev/nit", O_RDWR | O_CLOEXEC);if (sock < 0)
log_fatal ("Can't open NIT device for %s: %m", info -> name);diff --git a/dhcp/common/resolv.c b/dhcp/common/resolv.c
index defaced..defaced 100644
--- a/dhcp/common/resolv.c
+++ b/dhcp/common/resolv.c
@@ -43,7 +43,7 @@ void read_resolv_conf (parse_time)
struct domain_search_list *dp, *dl, *nd;
isc_result_t status;
- if ((file = open (path_resolv_conf, O_RDONLY)) < 0) {+ if ((file = open (path_resolv_conf, O_RDONLY | O_CLOEXEC)) < 0) { log_error ("Can't open %s: %m", path_resolv_conf);return;
}
diff --git a/dhcp/common/upf.c b/dhcp/common/upf.c
index defaced..defaced 100644
--- a/dhcp/common/upf.c
+++ b/dhcp/common/upf.c
@@ -71,7 +71,7 @@ int if_register_upf (info)
/* %Audit% Cannot exceed 36 bytes. %2004.06.17,Safe% */
snprintf(filename, sizeof(filename), "/dev/pf/pfilt%d", b);
- sock = open (filename, O_RDWR, 0);
+ sock = open (filename, O_RDWR | O_CLOEXEC, 0);
if (sock < 0) { if (errno == EBUSY) {continue;
diff --git a/dhcp/omapip/trace.c b/dhcp/omapip/trace.c
index defaced..defaced 100644
--- a/dhcp/omapip/trace.c
+++ b/dhcp/omapip/trace.c
@@ -136,10 +136,10 @@ isc_result_t trace_begin (const char *filename,
return DHCP_R_INVALIDARG;
}
- traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL, 0600);
+ traceoutfile = open (filename, O_CREAT | O_WRONLY | O_EXCL | O_CLOEXEC, 0600);
if (traceoutfile < 0 && errno == EEXIST) { log_error ("WARNING: Overwriting trace file \"%s\"", filename);- traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC,
+ traceoutfile = open (filename, O_WRONLY | O_EXCL | O_TRUNC | O_CLOEXEC,
0600);
}
@@ -427,7 +427,7 @@ void trace_file_replay (const char *filename)
isc_result_t result;
int len;
- traceinfile = fopen (filename, "r");
+ traceinfile = fopen (filename, "re");
if (!traceinfile) { log_error("Can't open tracefile %s: %m", filename);return;
diff --git a/dhcp/relay/dhcrelay.c b/dhcp/relay/dhcrelay.c
index defaced..defaced 100644
--- a/dhcp/relay/dhcrelay.c
+++ b/dhcp/relay/dhcrelay.c
@@ -817,13 +817,13 @@ main(int argc, char **argv) {/* Create the pid file. */
if (no_pid_file == ISC_FALSE) {pfdesc = open(path_dhcrelay_pid,
- O_CREAT | O_TRUNC | O_WRONLY, 0644);
+ O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC, 0644);
if (pfdesc < 0) { log_error("Can't create %s: %m",path_dhcrelay_pid);
} else {- pf = fdopen(pfdesc, "w");
+ pf = fdopen(pfdesc, "we");
if (!pf)
log_error("Can't fdopen %s: %m",path_dhcrelay_pid);
diff --git a/dhcp/server/confpars.c b/dhcp/server/confpars.c
index defaced..defaced 100644
--- a/dhcp/server/confpars.c
+++ b/dhcp/server/confpars.c
@@ -118,7 +118,7 @@ isc_result_t read_conf_file (const char *filename, struct group *group,
}
#endif
- if ((file = open (filename, O_RDONLY)) < 0) {+ if ((file = open (filename, O_RDONLY | O_CLOEXEC)) < 0) { if (leasep) { log_error ("Can't open lease database %s: %m --",path_dhcpd_db);
diff --git a/dhcp/server/db.c b/dhcp/server/db.c
index defaced..defaced 100644
--- a/dhcp/server/db.c
+++ b/dhcp/server/db.c
@@ -1105,7 +1105,7 @@ void db_startup (int test_mode)
* Therefore, in test mode we need to point db_file to a disposable
* file to protect the original lease file. */
current_db_path = (test_mode ? "/dev/null" : path_dhcpd_db);
- db_file = fopen (current_db_path, "a");
+ db_file = fopen (current_db_path, "ae");
if (!db_file) { log_fatal ("Can't open %s for append.", current_db_path);}
@@ -1154,7 +1154,7 @@ int new_lease_file (int test_mode)
path_dhcpd_db, (int)t) >= sizeof newfname)
log_fatal("new_lease_file: lease file path too long");- db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT, 0664);
+ db_fd = open (newfname, O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0664);
if (db_fd < 0) { log_error ("Can't create new lease file: %m");return 0;
@@ -1175,7 +1175,7 @@ int new_lease_file (int test_mode)
}
#endif /* PARANOIA */
- if ((new_db_file = fdopen(db_fd, "w")) == NULL) {+ if ((new_db_file = fdopen(db_fd, "we")) == NULL) { log_error("Can't fdopen new lease file: %m");close(db_fd);
goto fdfail;
diff --git a/dhcp/server/dhcpd.c b/dhcp/server/dhcpd.c
index defaced..defaced 100644
--- a/dhcp/server/dhcpd.c
+++ b/dhcp/server/dhcpd.c
@@ -942,7 +942,7 @@ main(int argc, char **argv) {* appropriate.
*/
if (no_pid_file == ISC_FALSE) {- i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC, 0644);
+ i = open(path_dhcpd_pid, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, 0644);
if (i >= 0) {snprintf(pbuf, sizeof(pbuf), "%d\n", (int) getpid());
if (write (i, pbuf, strlen (pbuf)) != strlen (pbuf))
diff --git a/dhcp/server/ldap.c b/dhcp/server/ldap.c
index defaced..defaced 100644
--- a/dhcp/server/ldap.c
+++ b/dhcp/server/ldap.c
@@ -1447,7 +1447,7 @@ ldap_start (void)
if (ldap_debug_file != NULL && ldap_debug_fd == -1)
{- if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY,
+ if ((ldap_debug_fd = open (ldap_debug_file, O_CREAT | O_TRUNC | O_WRONLY | O_CLOEXEC,
S_IRUSR | S_IWUSR)) < 0)
log_error ("Error opening debug LDAP log file %s: %s", ldap_debug_file,strerror (errno));