diff options
author | Jamie Liu <jamieliu@google.com> | 2020-04-14 14:40:08 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2020-04-14 14:41:06 -0700 |
commit | 2dd6384de89a866bddb9184b8d7ab85b5b8f7100 (patch) | |
tree | e473a732cdd91bd0b3283cfc3729d08e335ab2fc /pkg/sentry | |
parent | 52b4b19249adfeba65fe6f0ef27111f2ed887888 (diff) |
Fix cleanup around socketpair() failure to copy out FDs.
- Use the fs.File, rather than the vfs.FileDescription, in the VFS1 version.
- Check for a nil fs.File/vfs.FileDescription before calling DecRef, which is
possible if a racing dup2() or dup3() replaces the file descriptor between
when it is installed and when it is returned. (This is not possible in Linux
because Linux separates allocation of a file descriptor from binding an
allocated file descriptor to a struct file, and dup2/dup3 return EBUSY if
asked to replace an allocated but unbound file descriptor.)
PiperOrigin-RevId: 306517101
Diffstat (limited to 'pkg/sentry')
-rw-r--r-- | pkg/sentry/syscalls/linux/sys_socket.go | 5 | ||||
-rw-r--r-- | pkg/sentry/syscalls/linux/vfs2/socket.go | 5 |
2 files changed, 6 insertions, 4 deletions
diff --git a/pkg/sentry/syscalls/linux/sys_socket.go b/pkg/sentry/syscalls/linux/sys_socket.go index 61b2576ac..0760af77b 100644 --- a/pkg/sentry/syscalls/linux/sys_socket.go +++ b/pkg/sentry/syscalls/linux/sys_socket.go @@ -247,8 +247,9 @@ func SocketPair(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Sy // Copy the file descriptors out. if _, err := t.CopyOut(socks, fds); err != nil { for _, fd := range fds { - _, file := t.FDTable().Remove(fd) - file.DecRef() + if file, _ := t.FDTable().Remove(fd); file != nil { + file.DecRef() + } } return 0, nil, err } diff --git a/pkg/sentry/syscalls/linux/vfs2/socket.go b/pkg/sentry/syscalls/linux/vfs2/socket.go index 79a4a7ada..b1ede32f0 100644 --- a/pkg/sentry/syscalls/linux/vfs2/socket.go +++ b/pkg/sentry/syscalls/linux/vfs2/socket.go @@ -250,8 +250,9 @@ func SocketPair(t *kernel.Task, args arch.SyscallArguments) (uintptr, *kernel.Sy if _, err := t.CopyOut(addr, fds); err != nil { for _, fd := range fds { - _, file := t.FDTable().Remove(fd) - file.DecRef() + if _, file := t.FDTable().Remove(fd); file != nil { + file.DecRef() + } } return 0, nil, err } |