Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

vm/qrexec: fix race between child cleanup and select call

Browse Source 
reap_children() can close FD, which was already added to FD_SET for select.
This can lead to EBADF and agent termination.
This commit is contained in:
Marek Marczykowski 2012-08-27 00:20:25 +02:00
parent 1c04920833
commit 798d239c15
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
qrexec/qrexec_agent.c
View File

@ -554,14 +554,14 @@ int main()
for (;;) { for (;;) {
sigprocmask(SIG_BLOCK, &chld_set, NULL);
if (child_exited)
reap_children();
max = fill_fds_for_select(&rdset, &wrset); max = fill_fds_for_select(&rdset, &wrset);
if (buffer_space_vchan_ext() <= if (buffer_space_vchan_ext() <=
sizeof(struct server_header)) sizeof(struct server_header))
FD_ZERO(&rdset); FD_ZERO(&rdset);
sigprocmask(SIG_BLOCK, &chld_set, NULL);
if (child_exited)
reap_children();
wait_for_vchan_or_argfd(max, &rdset, &wrset); wait_for_vchan_or_argfd(max, &rdset, &wrset);
sigprocmask(SIG_UNBLOCK, &chld_set, NULL); sigprocmask(SIG_UNBLOCK, &chld_set, NULL);