summaryrefslogtreecommitdiff
path: root/src/proxsmtpd.c
diff options
context:
space:
mode:
authorKeith Owens <k10@ocs.com.au>2011-09-28 16:09:59 +1000
committerStef Walter <stefw@collabora.co.uk>2011-10-21 15:24:58 +0200
commitb0c0f832896d49f22ba7d952ddfc628a07218fd6 (patch)
treebe0ded732cad33281756f51ea08b59671ec0b55b /src/proxsmtpd.c
parentea709f92dffd0e7b244caba1a478c5614cf19ba0 (diff)
proxsmtpd: [PATCH] Close extra file descriptors for filter command
Short form: Passing extra file descriptors to the filter command can prevent it from detecting EOF or EPIPE. Result, dead filter commands that never terminate. Close everything except fd 0, 1, 2 before running the filter command. Long form: At the point that the filter command is forked and executed, proxsmtd may have multiple children with multiple pipes open. fork() bumps the reference count on all the file descriptors that are open at that moment. When the parent closes its part of the pipe, the pipe fd may or may not be removed from the system, depending on how many children have accidentally inherited that pipe. The child code closes fd 0, 1 and 2, calls dup2() to map the pipes to 0, 1 and 2 then runs. If another child has accidentally bumped the reference count on the pipes to this child then fd 0 can have multiple writers. This prevents the filter from detecting EOF or EPIPE when proxsmtpd closes the pipe to this particular child. This bug is particularly evident if the filter program does another fork and uses more pipes to communicate with its own child. awk does this as a matter of course. The result is a dangling filter command just sitting there waiting for input and not detecting that stdin has been closed. The dangling commands are owned by pid 1 rather than proxsmtpd. The only way to get rid of them is to manually kill them.
Diffstat (limited to 'src/proxsmtpd.c')
-rw-r--r--src/proxsmtpd.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/src/proxsmtpd.c b/src/proxsmtpd.c
index 8f50d96..963894d 100644
--- a/src/proxsmtpd.c
+++ b/src/proxsmtpd.c
@@ -425,6 +425,9 @@ static pid_t fork_filter(spctx_t* sp, int* infd, int* outfd, int* errfd)
kill_myself();
}
+ for (r = 3; r < FD_SETSIZE; ++r)
+ close(r);
+
/* All the necessary environment vars */
sp_setup_forked(sp, 1);