If an application closes one of its stdio descriptors (0..2),

an excessive close() on one of these descriptors would cause a memory for this descriptor to be allocated in the internal descriptor table. When this descriptor gets used again, e.g. through the call to open() or socket(), the descriptor would be erroneously left in the blocking mode, and the whole application would get stuck on a blocking operation, e.g., in accept(2). Prevent this bug from happening by disallowing close() against non-active descriptors (return -1 and set errno to EBADF in this case). Reviewed by: deischen Approved by: re (scottl)
svn path=/head/; revision=115421
2003-05-31 05:20:44 +00:00 · 2003-05-31 05:20:44 +00:00 · d635dc4671 · 2020-12-20 02:59:44 +00:00
commit d635dc4671
parent 2450346579
1 changed files with 4 additions and 2 deletions
--- a/lib/libc_r/uthread/uthread_close.c
+++ b/lib/libc_r/uthread/uthread_close.c
@ -49,9 +49,11 @@ _close(int fd)
 	struct stat	sb;
 	struct fd_table_entry	*entry;

-	if ((fd == _thread_kern_pipe[0]) || (fd == _thread_kern_pipe[1])) {
+	if ((fd == _thread_kern_pipe[0]) || (fd == _thread_kern_pipe[1]) ||
+	    (_thread_fd_table[fd] == NULL)) {
 		/*
-		 * Don't allow silly programs to close the kernel pipe.
+		 * Don't allow silly programs to close the kernel pipe
+		 * and non-active descriptors.
 		 */
 		errno = EBADF;
 		ret = -1;