!84 修复pid回绕时sss_cli_check_socket()函数误关应用程序打开的文件描述符
From: @answer_9030 Reviewed-by: @HuaxinLuGitee Signed-off-by: @HuaxinLuGitee
This commit is contained in:
openeuler-ci-bot
Gitee
commit
4cad1c7083
39
Fix-pid-wrapping-in-sss_cli_check_socket.patch
Normal file
39
Fix-pid-wrapping-in-sss_cli_check_socket.patch
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
diff -Naur sssd-2.8.2/src/sss_client/common.c sssd-2.8.2-b/src/sss_client/common.c
|
||||||
|
--- sssd-2.8.2/src/sss_client/common.c 2023-03-28 11:25:28.000000000 +0800
|
||||||
|
+++ sssd-2.8.2-b/src/sss_client/common.c 2023-03-28 11:26:09.000000000 +0800
|
||||||
|
@@ -663,22 +663,27 @@
|
||||||
|
const char *socket_name,
|
||||||
|
int timeout)
|
||||||
|
{
|
||||||
|
- static pid_t mypid;
|
||||||
|
- struct stat mysb;
|
||||||
|
+ static pid_t mypid_s;
|
||||||
|
+ static ino_t myself_ino;
|
||||||
|
+ struct stat mypid_sb, myself_sb;
|
||||||
|
+ pid_t mypid_d;
|
||||||
|
int mysd;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
- if (getpid() != mypid) {
|
||||||
|
- ret = fstat(sss_cli_sd, &mysb);
|
||||||
|
+ ret = lstat("/proc/self/", &myself_sb);
|
||||||
|
+ mypid_d = getpid();
|
||||||
|
+ if (mypid_d != mypid_s || (ret == 0 && myself_sb.st_ino != myself_ino)) {
|
||||||
|
+ ret = fstat(sss_cli_sd, &mypid_sb);
|
||||||
|
if (ret == 0) {
|
||||||
|
- if (S_ISSOCK(mysb.st_mode) &&
|
||||||
|
- mysb.st_dev == sss_cli_sb.st_dev &&
|
||||||
|
- mysb.st_ino == sss_cli_sb.st_ino) {
|
||||||
|
+ if (S_ISSOCK(mypid_sb.st_mode) &&
|
||||||
|
+ mypid_sb.st_dev == sss_cli_sb.st_dev &&
|
||||||
|
+ mypid_sb.st_ino == sss_cli_sb.st_ino) {
|
||||||
|
sss_cli_close_socket();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
sss_cli_sd = -1;
|
||||||
|
- mypid = getpid();
|
||||||
|
+ mypid_s = mypid_d;
|
||||||
|
+ myself_ino = myself_sb.st_ino;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* check if the socket has been closed on the other side */
|
||||||
@ -1,12 +1,13 @@
|
|||||||
Name: sssd
|
Name: sssd
|
||||||
Version: 2.8.2
|
Version: 2.8.2
|
||||||
Release: 4
|
Release: 5
|
||||||
Summary: System Security Services Daemon
|
Summary: System Security Services Daemon
|
||||||
License: GPLv3+ and LGPLv3+
|
License: GPLv3+ and LGPLv3+
|
||||||
URL: https://pagure.io/SSSD/sssd/
|
URL: https://pagure.io/SSSD/sssd/
|
||||||
Source0: https://github.com/SSSD/sssd/releases/download/%{version}/%{name}-%{version}.tar.gz
|
Source0: https://github.com/SSSD/sssd/releases/download/%{version}/%{name}-%{version}.tar.gz
|
||||||
|
|
||||||
Patch6000: MONITOR-fix-socket_activated-flag-initialization.patch
|
Patch6000: MONITOR-fix-socket_activated-flag-initialization.patch
|
||||||
|
Patch6001: Fix-pid-wrapping-in-sss_cli_check_socket.patch
|
||||||
|
|
||||||
Requires: python3-sssd = %{version}-%{release}
|
Requires: python3-sssd = %{version}-%{release}
|
||||||
Requires: libldb
|
Requires: libldb
|
||||||
@ -534,6 +535,9 @@ fi
|
|||||||
%systemd_postun_with_restart sssd.service
|
%systemd_postun_with_restart sssd.service
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Mar 28 2023 jiangjixiang <jiangjixiang@kylinos.cn> - 2.8.2-5
|
||||||
|
- fix pid wrapping in sss_cli_check_socket
|
||||||
|
|
||||||
* Wed Mar 08 2023 zhouchenchen123 <zhouchenchen@huawei.com> - 2.8.2-4
|
* Wed Mar 08 2023 zhouchenchen123 <zhouchenchen@huawei.com> - 2.8.2-4
|
||||||
- fix coredump in sssd.service
|
- fix coredump in sssd.service
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user