From patchwork Thu Mar 2 18:13:08 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Halil Pasic X-Patchwork-Id: 9601345 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5421560429 for ; Thu, 2 Mar 2017 18:13:41 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4AAA5285D3 for ; Thu, 2 Mar 2017 18:13:41 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3F583285D6; Thu, 2 Mar 2017 18:13:41 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 30A85285D3 for ; Thu, 2 Mar 2017 18:13:40 +0000 (UTC) Received: from localhost ([::1]:53829 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cjVER-0002eQ-9U for patchwork-qemu-devel@patchwork.kernel.org; Thu, 02 Mar 2017 13:13:39 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33283) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cjVEG-0002e1-ON for qemu-devel@nongnu.org; Thu, 02 Mar 2017 13:13:29 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cjVED-0006R5-If for qemu-devel@nongnu.org; Thu, 02 Mar 2017 13:13:28 -0500 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]:45401) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cjVED-0006Qb-9T for qemu-devel@nongnu.org; Thu, 02 Mar 2017 13:13:25 -0500 Received: from pps.filterd (m0098409.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v22I8hrC061295 for ; Thu, 2 Mar 2017 13:13:23 -0500 Received: from e06smtp14.uk.ibm.com (e06smtp14.uk.ibm.com [195.75.94.110]) by mx0a-001b2d01.pphosted.com with ESMTP id 28xpbs6kxa-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Thu, 02 Mar 2017 13:13:23 -0500 Received: from localhost by e06smtp14.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Thu, 2 Mar 2017 18:13:21 -0000 Received: from d06dlp01.portsmouth.uk.ibm.com (9.149.20.13) by e06smtp14.uk.ibm.com (192.168.101.144) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Thu, 2 Mar 2017 18:13:19 -0000 Received: from b06cxnps4076.portsmouth.uk.ibm.com (d06relay13.portsmouth.uk.ibm.com [9.149.109.198]) by d06dlp01.portsmouth.uk.ibm.com (Postfix) with ESMTP id 502BB17D8042; Thu, 2 Mar 2017 18:16:33 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (d06av23.portsmouth.uk.ibm.com [9.149.105.59]) by b06cxnps4076.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id v22IDJXG7733692; Thu, 2 Mar 2017 18:13:19 GMT Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 32502A4053; Thu, 2 Mar 2017 18:13:20 +0000 (GMT) Received: from d06av23.portsmouth.uk.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id F3F51A4040; Thu, 2 Mar 2017 18:13:19 +0000 (GMT) Received: from tuxmaker.boeblingen.de.ibm.com (unknown [9.152.85.9]) by d06av23.portsmouth.uk.ibm.com (Postfix) with ESMTPS; Thu, 2 Mar 2017 18:13:19 +0000 (GMT) From: Halil Pasic To: qemu-devel@nongnu.org, Stefan Weil Date: Thu, 2 Mar 2017 19:13:08 +0100 X-Mailer: git-send-email 2.8.4 X-TM-AS-GCONF: 00 X-Content-Scanned: Fidelis XPS MAILER x-cbid: 17030218-0016-0000-0000-0000044AE941 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17030218-0017-0000-0000-000026A4DABC Message-Id: <20170302181308.69662-1-pasic@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-02_16:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1612050000 definitions=main-1703020158 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-Received-From: 148.163.156.1 Subject: [Qemu-devel] [PATCH 1/1] event_notifier: prevent accidental use after close X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Halil Pasic , "Michael S. Tsirkin" Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP Let's set the handles to the underlying facilities to their extremal value so no accidental misuse can happen, and to make it obvious that the notifier is dysfunctional. E.g. if we just close an fd but do not touch the int holding the fd eventually a read/write could succeed again when the fd gets reused, and corrupt the file addressed by the fd. Signed-off-by: Halil Pasic Reviewed-by: Stefan Hajnoczi --- No strong feelings about this, but obviously, I do think it's worth a try. The one who brought this unfortunate possibility to my attention was Michael Tsirkin. --- util/event_notifier-posix.c | 2 ++ util/event_notifier-win32.c | 1 + 2 files changed, 3 insertions(+) diff --git a/util/event_notifier-posix.c b/util/event_notifier-posix.c index 7e40252..acdbe3b 100644 --- a/util/event_notifier-posix.c +++ b/util/event_notifier-posix.c @@ -81,8 +81,10 @@ void event_notifier_cleanup(EventNotifier *e) { if (e->rfd != e->wfd) { close(e->rfd); + e->rfd = -1; } close(e->wfd); + e->wfd = -1; } int event_notifier_get_fd(const EventNotifier *e) diff --git a/util/event_notifier-win32.c b/util/event_notifier-win32.c index 519fb59..62c53b0 100644 --- a/util/event_notifier-win32.c +++ b/util/event_notifier-win32.c @@ -25,6 +25,7 @@ int event_notifier_init(EventNotifier *e, int active) void event_notifier_cleanup(EventNotifier *e) { CloseHandle(e->event); + e->event = NULL; } HANDLE event_notifier_get_handle(EventNotifier *e)