From 292fda88b4a7dd9f099cf50e044c601cd5f00f9d Mon Sep 17 00:00:00 2001 From: Lukas Sismis Date: Mon, 25 Sep 2023 15:37:07 +0200 Subject: [PATCH] unix-manager: prioritize the shutdown check Make sure Suricata is in the running state before you attempt to execute commands on the Unix sockets. UnixMain is being called in an infinite loop where TmThreadsCheckFlag(th_v, THV_KILL) is checked for the deinit phase. However, it may take some time between the start of Suricata's deinitialization and the receipt of THV_KILL flag in the Unix thread. In between this time period, the Unix manager can still perform select() operation on the Unix socket while the socket being already deinitialized. Likely with a longer time span between the initial shutdown command and actual closing of Unix sockets resulted in an error of invalid file descriptors. Ticket: #6272 --- src/unix-manager.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/unix-manager.c b/src/unix-manager.c index 9893553f42..9fb5bd7935 100644 --- a/src/unix-manager.c +++ b/src/unix-manager.c @@ -628,6 +628,13 @@ static int UnixMain(UnixCommand * this) UnixClient *uclient; UnixClient *tclient; + if (suricata_ctl_flags & SURICATA_STOP) { + TAILQ_FOREACH_SAFE (uclient, &this->clients, next, tclient) { + UnixCommandClose(this, uclient->fd); + } + return 1; + } + /* Wait activity on the socket */ FD_ZERO(&select_set); FD_SET(this->socket, &select_set); @@ -649,13 +656,6 @@ static int UnixMain(UnixCommand * this) return 0; } - if (suricata_ctl_flags & SURICATA_STOP) { - TAILQ_FOREACH_SAFE(uclient, &this->clients, next, tclient) { - UnixCommandClose(this, uclient->fd); - } - return 1; - } - /* timeout: continue */ if (ret == 0) { return 1; -- 2.47.2