From a3284c1a9e8ad9fc14fd075d2296e66ac46d1aca Mon Sep 17 00:00:00 2001
From: Otto Moerbeek <otto.moerbeek@open-xchange.com>
Date: Wed, 20 Nov 2019 13:39:09 +0100
Subject: [PATCH] Check return value of dup() and avoid fd leak if if fdopen()
 fails.

---
 pdns/syncres.cc | 37 ++++++++++++++++++++++++++++++-------
 1 file changed, 30 insertions(+), 7 deletions(-)

diff --git a/pdns/syncres.cc b/pdns/syncres.cc
index 501d453f33..4dc7740151 100644
--- a/pdns/syncres.cc
+++ b/pdns/syncres.cc
@@ -413,8 +413,13 @@ bool SyncRes::isForwardOrAuth(const DNSName &qname) const {
 
 uint64_t SyncRes::doEDNSDump(int fd)
 {
-  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(dup(fd), "w"), fclose);
+  int newfd = dup(fd);
+  if (newfd == -1) {
+    return 0;
+  }
+  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(newfd, "w"), fclose);
   if (!fp) {
+    close(newfd);
     return 0;
   }
   uint64_t count = 0;
@@ -430,9 +435,15 @@ uint64_t SyncRes::doEDNSDump(int fd)
 
 uint64_t SyncRes::doDumpNSSpeeds(int fd)
 {
-  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(dup(fd), "w"), fclose);
-  if(!fp)
+  int newfd = dup(fd);
+  if (newfd == -1) {
     return 0;
+  }
+  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(newfd, "w"), fclose);
+  if (!fp) {
+    close(newfd);
+    return 0;
+  }
   fprintf(fp.get(), "; nsspeed dump from thread follows\n;\n");
   uint64_t count=0;
 
@@ -454,9 +465,15 @@ uint64_t SyncRes::doDumpNSSpeeds(int fd)
 
 uint64_t SyncRes::doDumpThrottleMap(int fd)
 {
-  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(dup(fd), "w"), fclose);
-  if(!fp)
+  int newfd = dup(fd);
+  if (newfd == -1) {
+    return 0;
+  }
+  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(newfd, "w"), fclose);
+  if (!fp) {
+    close(newfd);
     return 0;
+  }
   fprintf(fp.get(), "; throttle map dump follows\n");
   fprintf(fp.get(), "; remote IP\tqname\tqtype\tcount\tttd\n");
   uint64_t count=0;
@@ -475,9 +492,15 @@ uint64_t SyncRes::doDumpThrottleMap(int fd)
 
 uint64_t SyncRes::doDumpFailedServers(int fd)
 {
-  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(dup(fd), "w"), fclose);
-  if(!fp)
+  int newfd = dup(fd);
+  if (newfd == -1) {
     return 0;
+  }
+  auto fp = std::unique_ptr<FILE, int(*)(FILE*)>(fdopen(newfd, "w"), fclose);
+  if (!fp) {
+    close(newfd);
+    return 0;
+  }
   fprintf(fp.get(), "; failed servers dump follows\n");
   fprintf(fp.get(), "; remote IP\tcount\ttimestamp\n");
   uint64_t count=0;
-- 
2.47.2