Bug #966
closedshort _file in stdio -> fd leak
0%
Description
Hey,
So at work we ran into a situation where a process had to fdopen more
than 32K files, which lead to a file descriptor leak. The reason for
this leak was that while regular fds are ints, _file is a short, so if
fdopen got an fd larger than SHRT_MAX, it would get sign-extended and
thus become invalid, causing the subsequent fclose to fail.
This being FreeBSD, the fix was found and contributed back into
FreeBSD's repository by John Baldwin in
http://www.freebsd.org/cgi/cvsweb.cgi/src/lib/libc/stdio/fdopen.c.diff?r1=1.8;r2=1.9
(and other files; with surrounding discussion on
http://docs.freebsd.org/mail/archive/2008/freebsd-arch/20080302.freebsd-arch.html).
This fix was also added in NetBSD in
http://mail-index.netbsd.org/source-changes/2008/03/13/msg003463.html .
I don't know if this also affects DragonFlyBSD but maybe it should
probably be looked at.
-Jan
Updated by joerg almost 17 years ago
The file descriptor stored in FILE is int.
Joerg