Fix bad file descriptor error when ignore_output is enabled #1102
Conversation
cristgl
force-pushed
the
fix-wodle-command
branch
from
1b83350
to
c675e45
Compare
There was a problem hiding this comment.
Please apply the same stander input/output binds to the wpopen library.
Two options to solve the timeout problem:
- If output is disabled, use the classical kill loop (https://github.com/wazuh/wazuh/blob/master/src/wazuh_modules/wm_exec.c#L484-L503)
- Replace
wm_exec()completely forwm_popen()and add this kill loop.
Don't forget to update the changelog.
Thanks @cristgl !
src/wazuh_modules/wm_exec.c
Outdated
| } | ||
| dup2(fd, STDOUT_FILENO); | ||
| dup2(fd, STDERR_FILENO); | ||
| dup2(fd, STDIN_FILENO); |
There was a problem hiding this comment.
The stdin should also be bound in the then part of the if.
src/wazuh_modules/wm_exec.c
Outdated
| case 0: | ||
| retval = 0; | ||
| break; | ||
| switch (secs ? pthread_cond_timedwait(&tinfo.finished, &tinfo.mutex, &timeout) : pthread_cond_wait(&tinfo.finished, &tinfo.mutex)) { |
There was a problem hiding this comment.
This part has no sense since we have not created a pipe. This thread may fail and return immediately, so the timeout could not be computed.
cristgl
force-pushed
the
fix-wodle-command
branch
from
dfb37d7
to
cdfc437
Compare
| @@ -343,24 +349,46 @@ int wm_exec(char *command, char **output, int *exitcode, int secs) | |||
|
|
|||
| pthread_mutex_destroy(&tinfo.mutex); | |||
| pthread_cond_destroy(&tinfo.finished); | |||
|
|
|||
| // Wait for child process | |||
There was a problem hiding this comment.
waitpid() must be called in any case, otherwise the child process will remain as zombie.
src/shared/exec_op.c
Outdated
| @@ -128,32 +128,40 @@ wfd_t * wpopenv(const char * path, char * const * argv, int flags) { | |||
| // Error | |||
| break; | |||
|
|
|||
| case 0: | |||
| case 0: | |||
src/wazuh_modules/wm_exec.c
Outdated
| } | ||
| // Kill and timeout | ||
| do { | ||
| sleep(1); |
There was a problem hiding this comment.
Please let's sleep after checking.
src/wazuh_modules/wmodules.h
Outdated
| @@ -93,7 +93,7 @@ void wm_destroy(); | |||
| * If the called program timed-out, returns WM_ERROR_TIMEOUT and output may | |||
| * contain data. | |||
| */ | |||
| int wm_exec(char *command, char **output, int *exitcode, int secs); | |||
| int wm_popen(char *command, char **output, int *exitcode, int secs); | |||
There was a problem hiding this comment.
Why did you refactor this function?
cristgl
force-pushed
the
fix-wodle-command
branch
2 times, most recently
from
d53b2eb
to
e0f8d3a
Compare
src/shared/exec_op.c
Outdated
| close(STDOUT_FILENO); | ||
| close(STDERR_FILENO); | ||
| dup2(fd, STDOUT_FILENO); | ||
| dup2(fd, STDERR_FILENO); | ||
| } | ||
|
|
||
| close(STDIN_FILENO); |
There was a problem hiding this comment.
This line should not be there.
src/wazuh_modules/wm_exec.c
Outdated
| case -1: | ||
| switch(errno){ | ||
| case ESRCH: | ||
| exit(EXIT_SUCCESS); |
There was a problem hiding this comment.
This code runs in the parent process. This line would close the daemon.
src/wazuh_modules/wmodules.c
Outdated
| @@ -112,18 +112,20 @@ int wm_check() { | |||
| next = j->next; | |||
|
|
|||
| if (i->context->name == j->context->name) { | |||
| mdebug1("Deleting repeated module '%s'.", j->context->name); | |||
| if(strcmp(j->context->name,"command")){ | |||
There was a problem hiding this comment.
This change fixes a different issue but it would allow repeated modules.
…n one wodle command
src/wazuh_modules/wm_exec.c
Outdated
| break; | ||
|
|
||
| default: | ||
|
|
||
| // Parent | ||
|
|
||
| wm_append_sid(pid); | ||
| close(pipe_fd[1]); |
There was a problem hiding this comment.
If the output is null, then pipe_fd has trash values.
| } | ||
|
|
||
| close(STDIN_FILENO); |
There was a problem hiding this comment.
We must close fd after duplicating it.
vikman90
force-pushed
the
fix-wodle-command
branch
from
fad108d
to
c88c433
Compare
|
LGTM! |
This PR fixes the issues detected at #1057.
Also, STDERR, STDOUT and STDIN have been opened with O_RDWR permissions so that there is no bad file descriptor error when ignore_output is active.