diff options
author | Keith Owens <k10@ocs.com.au> | 2011-09-28 16:09:59 +1000 |
---|---|---|
committer | Stef Walter <stefw@collabora.co.uk> | 2011-10-21 15:24:58 +0200 |
commit | b0c0f832896d49f22ba7d952ddfc628a07218fd6 (patch) | |
tree | be0ded732cad33281756f51ea08b59671ec0b55b /COPYING | |
parent | ea709f92dffd0e7b244caba1a478c5614cf19ba0 (diff) |
proxsmtpd: [PATCH] Close extra file descriptors for filter command
Short form: Passing extra file descriptors to the filter command can prevent it
from detecting EOF or EPIPE. Result, dead filter commands that never
terminate. Close everything except fd 0, 1, 2 before running the filter
command.
Long form: At the point that the filter command is forked and executed,
proxsmtd may have multiple children with multiple pipes open. fork() bumps the
reference count on all the file descriptors that are open at that moment. When
the parent closes its part of the pipe, the pipe fd may or may not be removed
from the system, depending on how many children have accidentally inherited
that pipe.
The child code closes fd 0, 1 and 2, calls dup2() to map the pipes to 0, 1 and
2 then runs. If another child has accidentally bumped the reference count on
the pipes to this child then fd 0 can have multiple writers. This prevents the
filter from detecting EOF or EPIPE when proxsmtpd closes the pipe to this
particular child. This bug is particularly evident if the filter program does
another fork and uses more pipes to communicate with its own child. awk does
this as a matter of course.
The result is a dangling filter command just sitting there waiting for input
and not detecting that stdin has been closed. The dangling commands are owned
by pid 1 rather than proxsmtpd. The only way to get rid of them is to manually
kill them.
Diffstat (limited to 'COPYING')
0 files changed, 0 insertions, 0 deletions