[libvirt] [PATCHv2] waitpid: improve safety
Daniel P. Berrange
berrange at redhat.com
Mon Oct 24 07:58:06 UTC 2011
On Fri, Oct 21, 2011 at 02:30:28PM -0600, Eric Blake wrote:
> Based on a report by Coverity. waitpid() can leak resources if it
> fails with EINTR, so it should never be used without checking return
> status. But we already have a helper function that does that, so
> use it in more places.
>
> * src/lxc/lxc_controller.c (lxcPidGone): Check waitpid return
> value.
> (lxcControllerRun): Use simpler virPidAbort.
> * src/lxc/lxc_container.c (lxcContainerAvailable): Use safer
> virWaitPid.
> * daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
> * tests/testutils.c (virtTestCaptureProgramOutput, virtTestMain):
> Likewise.
> * src/libvirt.c (virConnectAuthGainPolkit): Simplify with virCommand.
> ---
>
> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
> index c4e7832..5cc7cb9 100644
> --- a/src/lxc/lxc_controller.c
> +++ b/src/lxc/lxc_controller.c
> @@ -59,6 +59,7 @@
> #include "util.h"
> #include "virfile.h"
> #include "virpidfile.h"
> +#include "command.h"
>
> #define VIR_FROM_THIS VIR_FROM_LXC
>
> @@ -515,7 +516,8 @@ ignorable_epoll_accept_errno(int errnum)
> static bool
> lxcPidGone(pid_t container)
> {
> - waitpid(container, NULL, WNOHANG);
> + if (waitpid(container, NULL, WNOHANG) < 0)
> + return false;
>
> if (kill(container, 0) < 0 &&
> errno == ESRCH)
> @@ -1021,14 +1023,8 @@ cleanup:
> VIR_FORCE_CLOSE(loopDevs[i]);
> VIR_FREE(loopDevs);
>
> - if (container > 1) {
> - int status;
> - kill(container, SIGTERM);
> - if (!(waitpid(container, &status, WNOHANG) == 0 &&
> - WIFEXITED(status)))
> - kill(container, SIGKILL);
> - waitpid(container, NULL, 0);
> - }
> + virPidAbort(container);
> +
> return rc;
> }
>
This entire method goes away on my patches here
https://www.redhat.com/archives/libvir-list/2011-October/msg00974.html
ACK to the other chunks
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list