From 270892ce0aa34981474cedfa90e120b5971c6e13 Mon Sep 17 00:00:00 2001 From: jilles Date: Wed, 26 Mar 2014 20:43:40 +0000 Subject: sh: Fix possible memory leaks and double frees with unexpected SIGINT. --- bin/sh/redir.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) (limited to 'bin/sh/redir.c') diff --git a/bin/sh/redir.c b/bin/sh/redir.c index 647b10a..6127e86 100644 --- a/bin/sh/redir.c +++ b/bin/sh/redir.c @@ -92,6 +92,13 @@ static int openhere(union node *); * undone by calling popredir. If the REDIR_BACKQ flag is set, then the * standard output, and the standard error if it becomes a duplicate of * stdout, is saved in memory. +* + * We suppress interrupts so that we won't leave open file + * descriptors around. Because the signal handler remains + * installed and we do not use system call restart, interrupts + * will still abort blocking opens such as fifos (they will fail + * with EINTR). There is, however, a race condition if an interrupt + * arrives after INTOFF and before open blocks. */ void @@ -103,6 +110,7 @@ redirect(union node *redir, int flags) int fd; char memory[10]; /* file descriptors to write to memory */ + INTOFF; for (i = 10 ; --i >= 0 ; ) memory[i] = 0; memory[1] = flags & REDIR_BACKQ; @@ -139,11 +147,14 @@ redirect(union node *redir, int flags) INTON; } openredirect(n, memory); + INTON; + INTOFF; } if (memory[1]) out1 = &memout; if (memory[2]) out2 = &memout; + INTON; } @@ -156,15 +167,6 @@ openredirect(union node *redir, char memory[10]) int f; int e; - /* - * We suppress interrupts so that we won't leave open file - * descriptors around. Because the signal handler remains - * installed and we do not use system call restart, interrupts - * will still abort blocking opens such as fifos (they will fail - * with EINTR). There is, however, a race condition if an interrupt - * arrives after INTOFF and before open blocks. - */ - INTOFF; memory[fd] = 0; switch (redir->nfile.type) { case NFROM: @@ -237,7 +239,6 @@ movefd: default: abort(); } - INTON; } -- cgit v1.1