ok djm

On Mon, 5 Feb 2018, Theo Buehler wrote:

> In channel_close_fd(), the file descriptors for the socket, stdin,
> stdout and stderr aren't necessarily distinct, so closing them results
> in EBADF. In addition, the diff adds a couple of positivity checks to
> avoid calling close(-1).
> 
> Index: usr.bin/ssh/channels.c
> ===================================================================
> RCS file: /var/cvs/src/usr.bin/ssh/channels.c,v
> retrieving revision 1.378
> diff -u -p -r1.378 channels.c
> --- usr.bin/ssh/channels.c    23 Jan 2018 05:27:21 -0000      1.378
> +++ usr.bin/ssh/channels.c    24 Jan 2018 00:41:18 -0000
> @@ -426,10 +426,15 @@ channel_close_fd(struct ssh *ssh, int *f
>  static void
>  channel_close_fds(struct ssh *ssh, Channel *c)
>  {
> +     int sock = c->sock, rfd = c->rfd, wfd = c->wfd, efd = c->efd;
> +
>       channel_close_fd(ssh, &c->sock);
> -     channel_close_fd(ssh, &c->rfd);
> -     channel_close_fd(ssh, &c->wfd);
> -     channel_close_fd(ssh, &c->efd);
> +     if (rfd != sock)
> +             channel_close_fd(ssh, &c->rfd);
> +     if (wfd != sock && wfd != rfd)
> +             channel_close_fd(ssh, &c->wfd);
> +     if (efd != sock && efd != rfd && efd != wfd)
> +             channel_close_fd(ssh, &c->efd);
>  }
>  
>  static void
> Index: usr.bin/ssh/monitor.c
> ===================================================================
> RCS file: /var/cvs/src/usr.bin/ssh/monitor.c,v
> retrieving revision 1.178
> diff -u -p -r1.178 monitor.c
> --- usr.bin/ssh/monitor.c     23 Jan 2018 05:27:21 -0000      1.178
> +++ usr.bin/ssh/monitor.c     24 Jan 2018 00:41:18 -0000
> @@ -230,8 +230,10 @@ monitor_child_preauth(Authctxt *_authctx
>  
>       debug3("preauth child monitor started");
>  
> -     close(pmonitor->m_recvfd);
> -     close(pmonitor->m_log_sendfd);
> +     if (pmonitor->m_recvfd >= 0)
> +             close(pmonitor->m_recvfd);
> +     if (pmonitor->m_log_sendfd >= 0)
> +             close(pmonitor->m_log_sendfd);
>       pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;
>  
>       authctxt = _authctxt;
> @@ -298,8 +300,10 @@ monitor_child_preauth(Authctxt *_authctx
>       while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
>               ;
>  
> -     close(pmonitor->m_sendfd);
> -     close(pmonitor->m_log_recvfd);
> +     if (pmonitor->m_recvfd >= 0)
> +             close(pmonitor->m_recvfd);
> +     if (pmonitor->m_log_sendfd >= 0)
> +             close(pmonitor->m_log_sendfd);
>       pmonitor->m_sendfd = pmonitor->m_log_recvfd = -1;
>  }
>  
> Index: usr.bin/ssh/ssh-pkcs11-client.c
> ===================================================================
> RCS file: /var/cvs/src/usr.bin/ssh/ssh-pkcs11-client.c,v
> retrieving revision 1.7
> diff -u -p -r1.7 ssh-pkcs11-client.c
> --- usr.bin/ssh/ssh-pkcs11-client.c   30 May 2017 08:52:19 -0000      1.7
> +++ usr.bin/ssh/ssh-pkcs11-client.c   23 Jan 2018 00:09:22 -0000
> @@ -93,7 +93,8 @@ pkcs11_init(int interactive)
>  void
>  pkcs11_terminate(void)
>  {
> -     close(fd);
> +     if (fd >= 0)
> +             close(fd);
>  }
>  
>  static int
> 
> 

Reply via email to