[PATCH] add closefrom()

Volker Lendecke Volker.Lendecke at SerNet.DE
Sun Jun 12 08:33:58 UTC 2016 

Hi!

In tfdd I'd like to use closefrom(). Attached find a patch that adds
it to configure and libreplace.

Review appreciated!

Thanks, Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de

SerNet & BSI laden ein: 29. Juni 2016,
2. IT-Grundschutztag 2016, BPA Berlin.
Anmeldung: https://www.sernet.de/gstag
-------------- next part --------------
From 5c973147be0d2ec7cedb4b506309465f0c1ae0ef Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Thu, 9 Jun 2016 21:27:09 +0200
Subject: [PATCH 1/2] libreplace: Add a closefrom() implementation

There is closefrom in some BSDs, but Linux ships this only as part
of libbsd.  Add a new implementation of it in libreplace. The one in
libbsd of jessie and upstream differ and it has for example optimizations
for FreeBSD, but it gets some of the array calculations slightly wrong
from my point of view. If you want those, use libbsd. This replacement
is optimized on Linux only looking at /proc/self/fd/, everything else
would do the OPEN_MAX brute force fallback.

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/replace/closefrom.c | 138 ++++++++++++++++++++++++++++++++++++++++++++++++
 lib/replace/replace.h   |   6 +++
 lib/replace/wscript     |   6 +++
 3 files changed, 150 insertions(+)
 create mode 100644 lib/replace/closefrom.c

diff --git a/lib/replace/closefrom.c b/lib/replace/closefrom.c
new file mode 100644
index 0000000..a61a80f
--- /dev/null
+++ b/lib/replace/closefrom.c
@@ -0,0 +1,138 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * Samba utility functions
+ * Copyright (C) Volker Lendecke 2016
+ *
+ *   ** NOTE! The following LGPL license applies to the replace
+ *   ** library. This does NOT imply that all of Samba is released
+ *   ** under the LGPL
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "replace.h"
+#include <dirent.h>
+#include <unistd.h>
+#include <limits.h>
+
+static int closefrom_sysconf(int lower)
+{
+	long max_files, fd;
+
+	max_files = sysconf(_SC_OPEN_MAX);
+	if (max_files == -1) {
+		max_files = 65536;
+	}
+
+	for (fd=lower; fd<max_files; fd++) {
+		close(fd);
+	}
+
+	return 0;
+}
+
+static int closefrom_procfs(int lower)
+{
+	DIR *dirp;
+	int dir_fd;
+	struct dirent *dp;
+	int *fds = NULL;
+	size_t num_fds = 0;
+	size_t fd_array_size = 0;
+	size_t i;
+	int ret = ENOMEM;
+
+	dirp = opendir("/proc/self/fd");
+	if (dirp == 0) {
+		return errno;
+	}
+
+	dir_fd = dirfd(dirp);
+	if (dir_fd == -1) {
+		ret = errno;
+		goto fail;
+	}
+
+	while ((dp = readdir(dirp)) != NULL) {
+		char *endptr;
+		unsigned long long fd;
+
+		errno = 0;
+
+		fd = strtoull(dp->d_name, &endptr, 10);
+		if ((fd == 0) && (errno == EINVAL)) {
+			continue;
+		}
+		if ((fd == ULLONG_MAX) && (errno == ERANGE)) {
+			continue;
+		}
+		if (*endptr != '\0') {
+			continue;
+		}
+		if (fd == dir_fd) {
+			continue;
+		}
+		if (fd > INT_MAX) {
+			continue;
+		}
+		if (fd < lower) {
+			continue;
+		}
+
+		if (num_fds >= (fd_array_size / sizeof(int))) {
+			void *tmp;
+
+			if (fd_array_size == 0) {
+				fd_array_size = 16 * sizeof(int);
+			} else {
+				if (fd_array_size + fd_array_size <
+				    fd_array_size) {
+					/* overflow */
+					goto fail;
+				}
+				fd_array_size = fd_array_size + fd_array_size;
+			}
+
+			tmp = realloc(fds, fd_array_size);
+			if (tmp == NULL) {
+				goto fail;
+			}
+			fds = tmp;
+		}
+
+		fds[num_fds++] = fd;
+	}
+
+	for (i=0; i<num_fds; i++) {
+		close(fds[i]);
+	}
+
+	ret = 0;
+fail:
+	closedir(dirp);
+	free(fds);
+	return ret;
+}
+
+int rep_closefrom(int lower)
+{
+	int ret;
+
+	ret = closefrom_procfs(lower);
+	if (ret == 0) {
+		return 0;
+	}
+
+	return closefrom_sysconf(lower);
+}
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index 7080373..c69a069 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -247,6 +247,12 @@ size_t rep_strlcpy(char *d, const char *s, size_t bufsize);
 size_t rep_strlcat(char *d, const char *s, size_t bufsize);
 #endif
 
+#ifndef HAVE_CLOSEFROM
+#define closefrom rep_closefrom
+int rep_closefrom(int lower);
+#endif
+
+
 #if (defined(BROKEN_STRNDUP) || !defined(HAVE_STRNDUP))
 #undef HAVE_STRNDUP
 #define strndup rep_strndup
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 5efd86c..145300d 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -257,6 +257,9 @@ def configure(conf):
     if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
         conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
 
+    if not conf.CHECK_FUNCS('closefrom'):
+        conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
+
     conf.CHECK_CODE('''
                 struct ucred cred;
                 socklen_t cred_len;
@@ -683,6 +686,9 @@ def build(bld):
     if not bld.CONFIG_SET('HAVE_GETXATTR') or bld.CONFIG_SET('XATTR_ADDITIONAL_OPTIONS'):
                                                  REPLACE_SOURCE += ' xattr.c'
 
+    if not bld.CONFIG_SET('HAVE_CLOSEFROM'):
+        REPLACE_SOURCE += ' closefrom.c'
+
     bld.SAMBA_LIBRARY('replace',
                       source=REPLACE_SOURCE,
                       group='base_libraries',
-- 
2.1.4


From 99edd8ad49ffdcfa419c95cca142b5d6a1c36dd9 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Fri, 10 Jun 2016 11:40:33 +0200
Subject: [PATCH 2/2] lib: Add a little closefrom() test

Signed-off-by: Volker Lendecke <vl at samba.org>
---
 lib/replace/test/testsuite.c | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/lib/replace/test/testsuite.c b/lib/replace/test/testsuite.c
index 961b77d..dba545e 100644
--- a/lib/replace/test/testsuite.c
+++ b/lib/replace/test/testsuite.c
@@ -1063,6 +1063,38 @@ static int test_memmem(void)
 	return true;
 }
 
+static bool test_closefrom(void)
+{
+	int i, fd;
+
+	for (i=0; i<100; i++) {
+		fd = dup(0);
+		if (fd == -1) {
+			perror("dup failed");
+			return false;
+		}
+
+		/* 1000 is just an arbitrarily chosen upper bound */
+
+		if (fd >= 1000) {
+			printf("fd=%d\n", fd);
+			return false;
+		}
+	}
+
+	closefrom(3);
+
+	for (i=3; i<=fd; i++) {
+		off_t off;
+		off = lseek(i, 0, SEEK_CUR);
+		if ((off != (off_t)-1) || (errno != EBADF)) {
+			printf("fd %d not closed\n", i);
+			return false;
+		}
+	}
+
+	return true;
+}
 
 bool torture_local_replace(struct torture_context *ctx)
 {
@@ -1113,6 +1145,7 @@ bool torture_local_replace(struct torture_context *ctx)
 	ret &= test_utime();
 	ret &= test_utimes();
 	ret &= test_memmem();
+	ret &= test_closefrom();
 
 	return ret;
 }
-- 
2.1.4

More information about the samba-technical mailing list