From: Martin Schwenke Date: Tue, 7 Nov 2017 22:22:29 +0000 (+1100) Subject: ctdb-tests: Fix some harmless CIDs X-Git-Tag: tevent-0.9.34~24 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=aed7faeab4b1c701768bb3c56b3f3bbfd2801938;p=thirdparty%2Fsamba.git ctdb-tests: Fix some harmless CIDs CID 1420632: Resource leaks (RESOURCE LEAK) CID 1420631: Security best practices violations (TOCTOU) CID 1417432: Resource leaks (RESOURCE LEAK) CID 1417429: Security best practices violations (TOCTOU) CID 1417427: Resource leaks (RESOURCE LEAK) These are all in test code and constrained to the test environment, so can't result in privilege escape. No backport necessary. However, we might as well get them off the list. Signed-off-by: Martin Schwenke Reviewed-by: Amitay Isaacs Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Wed Nov 8 11:28:40 CET 2017 on sn-devel-144 --- diff --git a/ctdb/tests/src/sock_daemon_test.c b/ctdb/tests/src/sock_daemon_test.c index bba0df26a0a..95045d175ff 100644 --- a/ctdb/tests/src/sock_daemon_test.c +++ b/ctdb/tests/src/sock_daemon_test.c @@ -216,16 +216,16 @@ static void test2(TALLOC_CTX *mem_ctx, const char *pidfile, assert(n == sizeof(ret)); assert(ret == 1); - ret = stat(pidfile, &st); - assert(ret == 0); - assert(S_ISREG(st.st_mode)); - pidfile_fd = open(pidfile, O_RDONLY, 0644); assert(pidfile_fd != -1); + ret = fstat(pidfile_fd, &st); + assert(ret == 0); + assert(S_ISREG(st.st_mode)); n = read(pidfile_fd, pidstr, sizeof(pidstr)-1); assert(n != -1); pid2 = (pid_t)atoi(pidstr); assert(pid == pid2); + close(pidfile_fd); ret = kill(pid, SIGHUP); assert(ret == 0); @@ -1315,6 +1315,7 @@ static void test9(TALLOC_CTX *mem_ctx, const char *pidfile, assert(n != -1); pid2 = (pid_t)atoi(pidstr); assert(pid != pid2); + close(pidfile_fd); ret = kill(pid2, SIGTERM); assert(ret == 0); @@ -1431,16 +1432,13 @@ static void test10(TALLOC_CTX *mem_ctx, const char *pidfile, assert(n == sizeof(ret)); assert(ret == 1); - ret = stat(pidfile, &st); - assert(ret == 0); - assert(S_ISREG(st.st_mode)); - pidfile_fd = open(pidfile, O_RDONLY, 0644); assert(pidfile_fd != -1); n = read(pidfile_fd, pidstr, sizeof(pidstr)-1); assert(n != -1); pid2 = (pid_t)atoi(pidstr); assert(pid == pid2); + close(pidfile_fd); ret = kill(pid, SIGTERM); assert(ret == 0);