-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
datapath/linux/arp: avoid leaking sock fd if unix.SetNonblock fails in func listen #15646
datapath/linux/arp: avoid leaking sock fd if unix.SetNonblock fails in func listen #15646
Conversation
…n func listen At this point, the sock fd is not yet wrapped in an *os.File, so it needs to be closed explicitly on error. Signed-off-by: Tobias Klauser <tobias@cilium.io>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
How did you find this? With a static analysis tool?
Nope, just caught this through manual code review. I manually checked whether we have any other cases of this (grepped for |
test-me-please |
BPF checkpatch is complaining about the commit subject length: https://github.com/cilium/cilium/pull/15646/checks?check_run_id=2322742643 All other tests passed and necessary reviews are in. Marking as ready to merge. |
At this point, the sock fd is not yet wrapped in an *os.File, so it
needs to be closed explicitly on error.