From 0dbd164e1767dc29a6e0ea8d2c86b02d6913043b Mon Sep 17 00:00:00 2001
From: Mark Wielaard
Date: Sat, 5 Jul 2025 00:51:36 +0200
Subject: [PATCH] Check dup2 oldfd before allowing the syscall
The dup201 LTP test fails with TFAIL: dup2(1024, 5) succeeded That is because 1024 here is the soft file limit (so one higher than the max number of fds). Valgrind raises the soft limit a little internally to have a few private fds for itself. So this dup2 call succeeds (and possibly dups and internal valgrind fd into the newfd). We should check the oldfd before allowing the dup2 syscall, like we already check the newfd.
---
 coregrind/m_syswrap/syswrap-generic.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c
index f8d73e197..50deb1e76 100644
--- a/coregrind/m_syswrap/syswrap-generic.c
+++ b/coregrind/m_syswrap/syswrap-generic.c
@@ -3758,6 +3758,8 @@ PRE(sys_dup2)
 {
 PRINT("sys_dup2 ( %" FMT_REGWORD "u, %" FMT_REGWORD "u )", ARG1, ARG2);
 PRE_REG_READ2(long, "dup2", unsigned int, oldfd, unsigned int, newfd);
+ if (!ML_(fd_allowed)(ARG1, "dup2", tid, False))
+ SET_STATUS_Failure( VKI_EBADF );
 if (!ML_(fd_allowed)(ARG2, "dup2", tid, True))
 SET_STATUS_Failure( VKI_EBADF );
 }
-- 
2.47.2
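Review bot: The oldfd guard is added only in PRE(sys_dup2). Other wrappers that take a source descriptor (dup, dup3, fcntl with F_DUPFD) are outside this hunk, so it is not visible whether they refuse Valgrind's reserved descriptors; they should be checked for the same `ML_(fd_allowed)(ARG1, ..., tid, False)` call, since the client must not be able to duplicate a tool-private fd through any of them. In this hunk the newfd check still runs after the oldfd check has already set EBADF, which presumably can report the same call twice; a single condition avoids that: `if (!ML_(fd_allowed)(ARG1, "dup2", tid, False) || !ML_(fd_allowed)(ARG2, "dup2", tid, True)) SET_STATUS_Failure( VKI_EBADF );`. The reason for passing False for oldfd is worth stating next to the check, e.g. `/* oldfd is an existing fd, not a new one: reject Valgrind's private descriptors */`.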