Permalink
Browse files

Fd leaks (#1258)

* Make sure the fd opened by reserve_fd() doesn't stay open across reboots.

* Fix an OpenSSL caused file descriptor leak.
  • Loading branch information...
shawnw committed Oct 21, 2018
1 parent fef5022 commit 8965e116e0b63c6f6cc7e428c5fc3d7c6ecc03f4
Showing with 22 additions and 21 deletions.
  1. +1 −0 CHANGES.188.md
  2. +2 −0 config.h.in
  3. +2 −14 configure
  4. +1 −1 configure.in
  5. +10 −3 src/bsd.c
  6. +6 −3 src/game.c
@@ -64,3 +64,4 @@ Fixes
* `add_function` in .cnf files was not properly using the upper case'd string. [#1223, MT]
* Various PCRE calls in the softcode have had CPU time limit watchdogs added. Discovered by Ashen-Shugar. [GM]
* Fixed a potential overflow bug in `@search`. Reported by eery. [MG]
* Fix a file descriptor leak caused by recent OpenSSL versions. [SW]
@@ -300,6 +300,8 @@ typedef bool _Bool;
#undef HAVE_EVP_MD_DO_ALL
#undef HAVE_RAND_KEEP_RANDOM_DEVICES_OPEN
#undef HAVE_PRCTL
#undef HAVE_HYPOT
@@ -713,7 +713,6 @@ infodir
docdir
oldincludedir
includedir
runstatedir
localstatedir
sharedstatedir
sysconfdir
@@ -813,7 +812,6 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE}'
@@ -1066,15 +1064,6 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
-runstatedir | --runstatedir | --runstatedi | --runstated \
| --runstate | --runstat | --runsta | --runst | --runs \
| --run | --ru | --r)
ac_prev=runstatedir ;;
-runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
| --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
| --run=* | --ru=* | --r=*)
runstatedir=$ac_optarg ;;
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1212,7 +1201,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
libdir localedir mandir runstatedir
libdir localedir mandir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -1365,7 +1354,6 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
--runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@@ -8887,7 +8875,7 @@ OLDLIBS="${LIBS}"
OLDLDFLAGS="${LDFLAGS}"
LIBS="${LIBS} ${OPENSSL_LIBS}"
LDFLAGS="${LDFLAGS} ${OPENSSL_LDFLAGS}"
for ac_func in SHA DH_set0_pqg EVP_MD_do_all
for ac_func in SHA DH_set0_pqg EVP_MD_do_all RAND_keep_random_devices_open
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
@@ -204,7 +204,7 @@ OLDLIBS="${LIBS}"
OLDLDFLAGS="${LDFLAGS}"
LIBS="${LIBS} ${OPENSSL_LIBS}"
LDFLAGS="${LDFLAGS} ${OPENSSL_LDFLAGS}"
AC_CHECK_FUNCS([SHA DH_set0_pqg EVP_MD_do_all])
AC_CHECK_FUNCS([SHA DH_set0_pqg EVP_MD_do_all RAND_keep_random_devices_open])
LIBS="${OLDLIBS}"
LDFLAGS="${OLDLDFLAGS}"
@@ -73,6 +73,7 @@
#ifdef HAVE_LIBCURL
#include <curl/curl.h>
#endif
#include <openssl/rand.h>
#include "access.h"
#include "ansi.h"
@@ -533,8 +534,9 @@ main(int argc, char **argv)
#endif /* !WIN32 */
#ifdef HAVE_PLEDGE
if (pledge("stdio rpath wpath cpath inet flock unix dns proc exec id prot_exec",
NULL) < 0) {
if (pledge(
"stdio rpath wpath cpath inet flock unix dns proc exec id prot_exec",
NULL) < 0) {
perror("pledge"); /* Happens before logfiles are opened; no penn_perror() */
}
#endif
@@ -649,6 +651,11 @@ main(int argc, char **argv)
init_game_config(confname);
#ifdef HAVE_RAND_KEEP_RANDOM_DEVICES_OPEN
/* OpenSSL leaks a couple of file descriptors on every reboot without this. */
RAND_keep_random_devices_open(0);
#endif
/* If we have setlocale, call it to set locale info
* from environment variables
*/
@@ -7214,7 +7221,7 @@ dump_reboot_db(void)
flag_broadcast(0, 0, T("GAME: Error writing reboot database!"));
exit(0);
} else {
release_fd();
f = penn_fopen(REBOOTFILE, "w");
/* This shouldn't happen */
if (!f) {
@@ -86,7 +86,7 @@ GLOBALTAB globals = {0, "", 0, 0, 0, 0, 0, 0, 0, 0};
static int epoch = 0;
#ifndef WIN32
static int reserved; /**< Reserved file descriptor */
static int reserved = -1; /**< Reserved file descriptor */
#endif
static dbref *errdblist = NULL; /**< List of dbrefs to return errors from */
static dbref *errdbtail = NULL; /**< Pointer to end of errdblist */
@@ -144,7 +144,7 @@ void
reserve_fd(void)
{
#ifndef WIN32
reserved = open("/dev/null", O_RDWR);
reserved = open("/dev/null", O_RDWR | O_CLOEXEC);
#endif
}
@@ -153,7 +153,10 @@ void
release_fd(void)
{
#ifndef WIN32
close(reserved);
if (reserved >= 0) {
close(reserved);
reserved = -1;
}
#endif
}

0 comments on commit 8965e11

Please sign in to comment.