public inbox for glibc-bugs@sourceware.org help / color / mirror / Atom feed
* [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails
@ 2024-05-02 17:45 corsix at corsix dot org
2024-05-03 9:32 ` [Bug libc/31695] " fweimer at redhat dot com
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: corsix at corsix dot org @ 2024-05-02 17:45 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=31695
Bug ID: 31695
Summary: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds
but execve fails
Product: glibc
Version: 2.39
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: libc
Assignee: unassigned at sourceware dot org
Reporter: corsix at corsix dot org
CC: drepper.fsp at gmail dot com
Target Milestone: ---
Created attachment 15483
--> https://sourceware.org/bugzilla/attachment.cgi?id=15483&action=edit
test.c
The pidfd_spawn / pidfd_spawnp functions introduced as part of BZ#30349 will
allocate an fd as part of the clone3 call, but only return that fd to their
caller if the execve in the child succeeds. If the execve in the child fails,
then pidfd_spawn / pidfd_spawnp will reap the child and return an appropriate
error code to their caller. This error handling path currently forgets to close
the fd, resulting in an fd leak.
Trivial test program attached that makes a number of pidfd_spawnp calls, prints
the returned error code and returned pidfd, and then lists the contents of
/proc/self/fd. The returned error code is correct (ENOENT), and no pidfd is
returned, but then the listing step reports a bunch of leaked pidfds floating
around.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug libc/31695] pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails 2024-05-02 17:45 [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails corsix at corsix dot org @ 2024-05-03 9:32 ` fweimer at redhat dot com 2024-05-03 9:32 ` fweimer at redhat dot com ` (4 subsequent siblings) 5 siblings, 0 replies; 7+ messages in thread From: fweimer at redhat dot com @ 2024-05-03 9:32 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=31695 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fweimer at redhat dot com -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31695] pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails 2024-05-02 17:45 [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails corsix at corsix dot org 2024-05-03 9:32 ` [Bug libc/31695] " fweimer at redhat dot com @ 2024-05-03 9:32 ` fweimer at redhat dot com 2024-05-03 9:32 ` fweimer at redhat dot com ` (3 subsequent siblings) 5 siblings, 0 replies; 7+ messages in thread From: fweimer at redhat dot com @ 2024-05-03 9:32 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=31695 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags| |security? -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31695] pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails 2024-05-02 17:45 [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails corsix at corsix dot org 2024-05-03 9:32 ` [Bug libc/31695] " fweimer at redhat dot com 2024-05-03 9:32 ` fweimer at redhat dot com @ 2024-05-03 9:32 ` fweimer at redhat dot com 2024-05-04 4:22 ` sam at gentoo dot org ` (2 subsequent siblings) 5 siblings, 0 replies; 7+ messages in thread From: fweimer at redhat dot com @ 2024-05-03 9:32 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=31695 Florian Weimer <fweimer at redhat dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Last reconfirmed| |2024-05-03 Status|UNCONFIRMED |NEW -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31695] pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails 2024-05-02 17:45 [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails corsix at corsix dot org ` (2 preceding siblings ...) 2024-05-03 9:32 ` fweimer at redhat dot com @ 2024-05-04 4:22 ` sam at gentoo dot org 2024-05-06 12:27 ` adhemerval.zanella at linaro dot org 2024-06-25 16:49 ` adhemerval.zanella at linaro dot org 5 siblings, 0 replies; 7+ messages in thread From: sam at gentoo dot org @ 2024-05-04 4:22 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=31695 Sam James <sam at gentoo dot org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sam at gentoo dot org -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31695] pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails 2024-05-02 17:45 [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails corsix at corsix dot org ` (3 preceding siblings ...) 2024-05-04 4:22 ` sam at gentoo dot org @ 2024-05-06 12:27 ` adhemerval.zanella at linaro dot org 2024-06-25 16:49 ` adhemerval.zanella at linaro dot org 5 siblings, 0 replies; 7+ messages in thread From: adhemerval.zanella at linaro dot org @ 2024-05-06 12:27 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=31695 Adhemerval Zanella <adhemerval.zanella at linaro dot org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|unassigned at sourceware dot org |adhemerval.zanella at linaro dot o | |rg Status|NEW |ASSIGNED CC| |adhemerval.zanella at linaro dot o | |rg --- Comment #1 from Adhemerval Zanella <adhemerval.zanella at linaro dot org> --- I am working a patch to fix it, thanks to bring this up. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [Bug libc/31695] pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails 2024-05-02 17:45 [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails corsix at corsix dot org ` (4 preceding siblings ...) 2024-05-06 12:27 ` adhemerval.zanella at linaro dot org @ 2024-06-25 16:49 ` adhemerval.zanella at linaro dot org 5 siblings, 0 replies; 7+ messages in thread From: adhemerval.zanella at linaro dot org @ 2024-06-25 16:49 UTC (permalink / raw) To: glibc-bugs https://sourceware.org/bugzilla/show_bug.cgi?id=31695 Adhemerval Zanella <adhemerval.zanella at linaro dot org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |2.40 Status|ASSIGNED |RESOLVED Resolution|--- |FIXED --- Comment #2 from Adhemerval Zanella <adhemerval.zanella at linaro dot org> --- Fixed on 2.40. -- You are receiving this mail because: You are on the CC list for the bug. ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2024-06-25 16:49 UTC | newest] Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2024-05-02 17:45 [Bug libc/31695] New: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds but execve fails corsix at corsix dot org 2024-05-03 9:32 ` [Bug libc/31695] " fweimer at redhat dot com 2024-05-03 9:32 ` fweimer at redhat dot com 2024-05-03 9:32 ` fweimer at redhat dot com 2024-05-04 4:22 ` sam at gentoo dot org 2024-05-06 12:27 ` adhemerval.zanella at linaro dot org 2024-06-25 16:49 ` adhemerval.zanella at linaro dot org
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).