Commit 0da5ad1c authored by Marek Vavrusa's avatar Marek Vavrusa

Resolved potential reading of uninitialized memory of added fds on poll() backend.

Some remove/add patterns on iterators are not exactly right,
temporary precautions are implemented.
parent 678544e3
......@@ -71,9 +71,10 @@ int fdset_poll_add(fdset_t *fdset, int fd, int events)
}
/* Append. */
int nid = fdset->nfds++;;
int nid = fdset->nfds++;
fdset->fds[nid].fd = fd;
fdset->fds[nid].events = POLLIN;
fdset->fds[nid].revents = 0;
return 0;
}
......
......@@ -104,7 +104,10 @@ static void tcp_sweep(fdset_t *set, int fd, void* data)
int r_port = 0;
struct sockaddr_storage addr;
socklen_t len = sizeof(addr);
getpeername(fd, (struct sockaddr*)&addr, &len);
if (getpeername(fd, (struct sockaddr*)&addr, &len) < 0) {
dbg_net("tcp: sweep getpeername() on invalid socket=%d\n", fd);
return;
}
/* Translate */
if (addr.ss_family == AF_INET) {
......@@ -158,15 +161,13 @@ static int tcp_handle(tcp_worker_t *w, int fd, uint8_t *qbuf, size_t qbuf_maxlen
log_server_error("Socket type %d is not supported, "
"IPv6 support is probably disabled.\n",
w->ioh->type);
return KNOTD_ECONNREFUSED;
return KNOTD_EINVAL;
}
/* Receive data. */
int n = tcp_recv(fd, qbuf, qbuf_maxlen, &addr);
if (n <= 0) {
dbg_net("tcp: client on fd=%d disconnected\n", fd);
fdset_remove(w->fdset, fd);
close(fd);
if (n == KNOTD_EAGAIN) {
char r_addr[SOCKADDR_STRLEN];
sockaddr_tostr(&addr, r_addr, sizeof(r_addr));
......@@ -582,6 +583,12 @@ int tcp_loop_worker(dthread_t *thread)
"set to %ds\n",
it.fd, TCP_ACTIVITY_WD);
}
/*! \todo Refactor to allow erase on iterator.*/
if (ret == KNOTD_ECONNREFUSED) {
fdset_remove(w->fdset, it.fd);
close(it.fd);
break;
}
}
......
......@@ -1525,6 +1525,8 @@ int xfr_worker(dthread_t *thread)
ret = xfr_process_event(w, it.fd, data, buf, buflen);
if (ret != KNOTD_EOK) {
xfr_free_task(data);
/*! \todo Refactor to allow erase on iterator.*/
break;
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment