From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: Add login_tty
Date: Sat, 1 Nov 2014 17:45:03 -0400 [thread overview]
Message-ID: <20141101214503.GK22465@brightrain.aerifal.cx> (raw)
In-Reply-To: <20141101211523.GA13145@euler>
On Sat, Nov 01, 2014 at 10:15:23PM +0100, Felix Janda wrote:
> > But in this case they're not correct:
> >
> > > int forkpty(int *m, char *name, const struct termios *tio, const struct winsize *ws)
> > > {
> > > - int s, t, i, istmp[3]={0};
> > > + int s;
> > > pid_t pid;
> > >
> > > if (openpty(m, &s, name, tio, ws) < 0) return -1;
> > >
> > > - /* Ensure before forking that we don't exceed fd limit */
> > > - for (i=0; i<3; i++) {
> > > - if (fcntl(i, F_GETFL) < 0) {
> > > - t = fcntl(s, F_DUPFD, i);
> > > - if (t<0) break;
> > > - else if (t!=i) close(t);
> > > - else istmp[i] = 1;
> > > - }
> > > - }
> >
> > This loop is checking whether fd 0/1/2 are already open in the parent,
> > and if not, temporarily allocating them prior to fork to detect an
> > error before fork, since we can't handle errors after fork. The idea
> > is that dup2 might fail when dup'ing onto an unallocated fd, but
> > should never fail when atomically replacing an existing one. I'm not
> > 100% sure this is correct -- the kernel might deallocate some resource
> > then reallocate, rather than using in-place, in which case there would
> > be a resource exhaustion leak -- but that's at least the intent of the
> > code.
>
> I still don't understand how dup2 can fail when fd 0/1/2 are not open in
> the parent. AFAIU, limits on the number of open fds are imposed by an
> upper bound on the value of any fd. For the dup2 calls we know that the
> newfds are certainly within the limits.
Indeed, looking at the kernel code, I don't see any error paths where
this operation could fail. I had figured some allocations might be
needed to represent the new fd in the fd table, but it seems not. So
the current code is probably unnecessary.
> > > +int login_tty(int fd)
> > > +{
> > > + setsid();
> > > + if (ioctl(fd, TIOCSCTTY, (char *)0)) return -1;
> > > + dup2(fd, 0);
> > > + dup2(fd, 1);
> > > + dup2(fd, 2);
> > > + if (fd>2) close(fd);
> > > + return 0;
> > > +}
> >
> > Is login_tty supposed to close the fd passed to it?
>
> The man page says so.
OK. Surprising, but whatever. :)
In that case maybe your patch is okay as-is, aside from needing to be
factored into two changes -- one for removing useless code and the
other for separating-out login_tty.
Rich
next prev parent reply other threads:[~2014-11-01 21:45 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-25 18:57 Felix Janda
2014-08-25 22:43 ` Rich Felker
2014-08-26 16:56 ` Felix Janda
2014-08-29 18:44 ` Felix Janda
2014-09-04 21:22 ` Szabolcs Nagy
2014-09-04 21:33 ` Rich Felker
2014-09-04 22:31 ` Justin Cormack
2014-09-05 17:23 ` Felix Janda
2014-09-05 17:29 ` Rich Felker
2014-09-05 18:52 ` Felix Janda
2014-10-31 16:19 ` Rich Felker
2014-11-01 21:15 ` Felix Janda
2014-11-01 21:45 ` Rich Felker [this message]
2014-11-01 22:07 ` Szabolcs Nagy
2014-11-01 22:27 ` Felix Janda
2014-11-01 22:43 ` Rich Felker
2014-11-01 22:56 ` Felix Janda
2014-11-02 0:09 ` Rich Felker
2014-11-02 14:19 ` Felix Janda
2014-11-02 16:28 ` Rich Felker
2014-11-02 18:56 ` Felix Janda
2014-11-02 22:28 ` Rich Felker
2014-11-03 18:29 ` Felix Janda
2014-12-21 0:58 ` Rich Felker
2014-12-21 1:15 ` Rich Felker
2014-12-21 1:38 ` Rich Felker
2014-12-21 2:59 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141101214503.GK22465@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).