Project

General

Profile

Actions

Bug #966

closed

short _file in stdio -> fd leak

Added by jschauma almost 17 years ago. Updated over 16 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Hey,

So at work we ran into a situation where a process had to fdopen more
than 32K files, which lead to a file descriptor leak. The reason for
this leak was that while regular fds are ints, _file is a short, so if
fdopen got an fd larger than SHRT_MAX, it would get sign-extended and
thus become invalid, causing the subsequent fclose to fail.

This being FreeBSD, the fix was found and contributed back into
FreeBSD's repository by John Baldwin in
http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libc/stdio/fdopen.c.diff?r1=1.8;r2=1.9
(and other files; with surrounding discussion on
http://docs.freebsd.org/mail/archive/2008/freebsd-arch/20080302.freebsd-arch.html).

This fix was also added in NetBSD in
http://mail-index.netbsd.org/source-changes/2008/03/13/msg003463.html .
I don't know if this also affects DragonFlyBSD but maybe it should
probably be looked at.

-Jan

Actions #1

Updated by joerg almost 17 years ago

The file descriptor stored in FILE is int.

Joerg

Actions #2

Updated by dblazakis over 16 years ago

Doesn't affect DragonFly

Actions

Also available in: Atom PDF