On Sat, Sep 16 2017, Alexander Bluhm <[email protected]> wrote:
> Hi,
>
> syslogd tries to ignore EAGAIN for tty. Unfortunately it closes
> the file descriptor before checking the errno. So f_file contains
> a bad file descriptor that may be reused at the next open.
>
> I think f_file should not be closed if the errno is EAGAIN.
>
> If I move the close down, f_file is overwritten in all cases.
>
> ok?
ok jca@
> bluhm
>
> Index: usr.sbin/syslogd/syslogd.c
> ===================================================================
> RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v
> retrieving revision 1.246
> diff -u -p -r1.246 syslogd.c
> --- usr.sbin/syslogd/syslogd.c 12 Sep 2017 15:17:20 -0000 1.246
> +++ usr.sbin/syslogd/syslogd.c 16 Sep 2017 00:16:38 -0000
> @@ -2045,7 +2045,6 @@ fprintlog(struct filed *f, int flags, ch
> break;
> }
>
> - (void)close(f->f_file);
> /*
> * Check for errors on TTY's or program pipes.
> * Errors happen due to loss of tty or died programs.
> @@ -2056,7 +2055,10 @@ fprintlog(struct filed *f, int flags, ch
> * This can happen when logging to a locked tty.
> */
> break;
> - } else if ((e == EIO || e == EBADF) &&
> + }
> +
> + (void)close(f->f_file);
> + if ((e == EIO || e == EBADF) &&
> f->f_type != F_FILE && f->f_type != F_PIPE &&
> !retryonce) {
> f->f_file = priv_open_tty(f->f_un.f_fname);
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
