d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Correct a bug introduced in sys_pipe.c:1.179: in pipe_ioctl(),

Browse Source 
release the pipe mutex before calling fsetown(), as fsetown()
may block.  The sigio code protects the pipe sigio data using
its own mutex, and the pipe reference count held by the caller
will prevent the pipe from being prematurely garbage-collected.

Discovered by:	imp
This commit is contained in:
Robert Watson 2004-11-23 22:15:08 +00:00
parent 3f40c36312
commit 436cac68e6
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=138032
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/kern/sys_pipe.c
View File

@ -1292,8 +1292,9 @@ pipe_ioctl(fp, cmd, data, active_cred, td)
break;
case FIOSETOWN:
PIPE_UNLOCK(mpipe);
error = fsetown(*(int *)data, &mpipe->pipe_sigio);
break;
goto out_unlocked;
case FIOGETOWN:
*(int *)data = fgetown(&mpipe->pipe_sigio);
@ -1301,8 +1302,9 @@ pipe_ioctl(fp, cmd, data, active_cred, td)
/* This is deprecated, FIOSETOWN should be used instead. */
case TIOCSPGRP:
PIPE_UNLOCK(mpipe);
error = fsetown(-(*(int *)data), &mpipe->pipe_sigio);
break;
goto out_unlocked;
/* This is deprecated, FIOGETOWN should be used instead. */
case TIOCGPGRP:
@ -1314,6 +1316,7 @@ pipe_ioctl(fp, cmd, data, active_cred, td)
break;
}
PIPE_UNLOCK(mpipe);
out_unlocked:
return (error);
}