From ebbca852973219065505d5c6d486eb0b6b2ea3b3 Mon Sep 17 00:00:00 2001 From: Matthias Hardt Date: Mon, 9 Mar 2020 19:58:22 +0100 Subject: [PATCH] commands_utils: fix socket leak when adding state client If lxc_add_state_client() is called with the container already being in the desired state the client fd will never be closed and is leaking. This is due to setting stay_connected in lxc_cmd for LXC_CMD_ADD_STATE_CLIENT. If the desired state isn't already achieved the client fd will later be closed by calling lxc_cmd_fd_cleanup() but in the other case the client configuration isn't added to the handlers state clients. So the client fd has to be closed explicitely. This is simply tested by starting container A and calling lxc-wait -n A -s RUNNING. Signed-off-by: Matthias Hardt --- src/lxc/commands.c | 6 +++++- src/lxc/compiler.h | 3 +++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/lxc/commands.c b/src/lxc/commands.c index cb67e7190..729139a6e 100644 --- a/src/lxc/commands.c +++ b/src/lxc/commands.c @@ -863,7 +863,7 @@ int lxc_cmd_add_state_client(const char *name, const char *lxcpath, return MAX_STATE; } -static int lxc_cmd_add_state_client_callback(int fd, struct lxc_cmd_req *req, +static int lxc_cmd_add_state_client_callback(__owns int fd, struct lxc_cmd_req *req, struct lxc_handler *handler, struct lxc_epoll_descr *descr) { @@ -889,6 +889,10 @@ static int lxc_cmd_add_state_client_callback(int fd, struct lxc_cmd_req *req, if (ret < 0) goto reap_client_fd; + /* close fd if state is already achieved to avoid leakage */ + if (rsp.ret != MAX_STATE) + close(fd); + return 0; reap_client_fd: diff --git a/src/lxc/compiler.h b/src/lxc/compiler.h index ad9ac9033..92cd9fd14 100644 --- a/src/lxc/compiler.h +++ b/src/lxc/compiler.h @@ -52,6 +52,9 @@ #define __lxc_unused #endif +/* Indicates taking ownership */ +#define __owns + #define __cgfsng_ops #endif /* __LXC_COMPILER_H */ -- 2.47.2