[libvirt] [PATCH] virExec: avoid undefined behavior
Laine Stump
laine at laine.org
Fri Dec 10 19:36:41 UTC 2010
On 12/03/2010 05:03 PM, Eric Blake wrote:
> * src/util/util.c (__virExec): Don't use FD_ISSET on out-of-bounds fd.
> ---
>
> Noticed this one by inspection, while investigating
> https://bugzilla.redhat.com/show_bug.cgi?id=659855
>
> Don't know if it's the root cause of the crash in that bug, though.
>
> src/util/util.c | 3 +--
> 1 files changed, 1 insertions(+), 2 deletions(-)
>
> diff --git a/src/util/util.c b/src/util/util.c
> index 79ca5d3..1b5bc68 100644
> --- a/src/util/util.c
> +++ b/src/util/util.c
> @@ -570,8 +570,7 @@ __virExec(const char *const*argv,
> i != null&&
> i != childout&&
> i != childerr&&
> - (!keepfd ||
> - !FD_ISSET(i, keepfd))) {
> + (!keepfd || (i< FD_SETSIZE&& !FD_ISSET(i, keepfd)))) {
> tmpfd = i;
> VIR_FORCE_CLOSE(tmpfd);
> }
ACK. Definitely this could be bad news if OPEN_MAX > FD_SETSIZE, and
even if that's not possible, it doesn't hurt to check anyway.
More information about the libvir-list
mailing list