[PATCH] ev: fix epoll_init fd leak
Ben Noordhuis
info at bnoordhuis.nl
Mon Oct 31 11:10:56 CET 2011
On Mon, Oct 31, 2011 at 10:41, Marc Lehmann <schmorp at schmorp.de> wrote:
> On Mon, Oct 31, 2011 at 04:18:22AM +0100, Ben Noordhuis <info at bnoordhuis.nl> wrote:
>> epoll_init() leaks a file descriptor if it's called when the process
>> has no open file descriptors.
>
> When there are no open fds, then epoll_create1 will return -1 and will not
> allocate an fd.
>
> If epoll_create1 ever returns 0 you basically have a security issue in your
> program, and it's indeed best to leave it alone.
>
> (fd 0 is always stdin, it's always in use and can never leak).

Sorry, but you're wrong (and that remark about it being a security
issue is patent nonsense).

Closing file descriptors 0-2 is a common practice for daemons. The
kernel always assigns the lowest available fd so epoll_create1() will
indeed return 0. Run the program below and see for yourself.

#include <stdio.h>
#include <unistd.h>
#include <sys/epoll.h>

int main(void) {
  close(0);
  fprintf(stderr, "%d\n", epoll_create1(0)); // prints "0\n"
  return 0;
}
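
The leak discussed in this thread, as an added example that is not part of the original message and not libev code: init_buggy and init_fixed are hypothetical stand-ins, and the `fd <= 0` check is an assumption about what a faulty init path looks like. It compares that check with one that accepts 0 as a valid descriptor.

```c
/* Added example. init_buggy/init_fixed are hypothetical, not libev code. */
#include <fcntl.h>
#include <stdio.h>
#include <sys/epoll.h>
#include <unistd.h>

/* Assumed faulty check: a return value of 0 is mistaken for an error. */
int init_buggy(void) {
    int fd = epoll_create1(0);
    if (fd <= 0)
        return -1;   /* when fd == 0 the epoll instance stays open, unowned */
    return fd;
}

/* Only negative return values signal failure; 0 is a usable descriptor. */
int init_fixed(void) {
    int fd = epoll_create1(0);
    return fd < 0 ? -1 : fd;
}

/* Calls init() with fd 0 closed, as in a daemon. Returns 1 when init()
 * reported failure yet left a descriptor open in slot 0, i.e. a leak. */
int leaks_with_fd0_closed(int (*init)(void)) {
    int saved = dup(0);                 /* -1 if stdin was already closed */
    close(0);
    int fd = init();
    int fd0_open = fcntl(0, F_GETFD) != -1;
    int leaked = fd < 0 && fd0_open;
    if (fd >= 0)
        close(fd);
    else if (fd0_open)
        close(0);                       /* release the orphaned descriptor */
    if (saved >= 0) {                   /* put stdin back for the caller */
        dup2(saved, 0);
        close(saved);
    }
    return leaked;
}

int main(void) {
    fprintf(stderr, "buggy check leaks: %d\n", leaks_with_fd0_closed(init_buggy));
    fprintf(stderr, "fixed check leaks: %d\n", leaks_with_fd0_closed(init_fixed));
    return 0;
}
```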