Add patch to fix unwanted closing of FD 0

2018-08-01 10:21:12 +02:00 · 2018-08-01 10:21:12 +02:00 · ba8cc20c2b
commit ba8cc20c2b
parent 5001e659a7
2 changed files with 38 additions and 1 deletions
--- a/libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch
+++ b/libkcapi-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch
@ -0,0 +1,33 @@
+From b2e9360dab74de1ffcb8527610e88b0da87c701e Mon Sep 17 00:00:00 2001
+From: Ondrej Mosnacek <omosnace@redhat.com>
+Date: Mon, 30 Jul 2018 17:17:59 +0200
+Subject: [PATCH] lib: Fix _kcapi_handle_destroy() closing FD 0
+
+The kcapi_handle structure is initialized with zeroes at allocation.
+However, since it contains several file descriptor variables, it may
+happen that _kcapi_handle_destroy() is executed while some of these are
+set to 0, causing an unwanted call to close(0).
+
+This patch prevents it by initializing all FD variables to -1 right
+after handle allocation.
+---
+ lib/kcapi-kernel-if.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/lib/kcapi-kernel-if.c b/lib/kcapi-kernel-if.c
+index 595ce68..dfa94b4 100644
+--- a/lib/kcapi-kernel-if.c
+++ b/lib/kcapi-kernel-if.c
+@@ -1146,6 +1146,12 @@ int _kcapi_handle_init(struct kcapi_handle **caller, const char *type,
+ 
+ 	handle->tfm = tfm;
+ 
+	/* Initialize all fd vars to -1 to avoid unwanted close(0) */
+	handle->pipes[0] = -1;
+	handle->pipes[1] = -1;
+	handle->opfd = -1;
+	handle->aio.efd = -1;
+
+ 	ret = _kcapi_handle_init_tfm(handle, type, ciphername);
+ 	if (ret)
+ 		goto err;
--- a/libkcapi.spec
+++ b/libkcapi.spec
@ -92,7 +92,7 @@ bin/kcapi-hasher -n fipshmac -d "$lib_path"/fipscheck            \\\

 Name:           libkcapi
 Version:        %{vmajor}.%{vminor}.%{vpatch}
-Release:        10%{?dist}
+Release:        11%{?dist}
 Summary:        User space interface to the Linux Kernel Crypto API

 License:        BSD or GPLv2
@ -108,6 +108,7 @@ Patch4:         %{giturl}/commit/a10e5ff7f8f69e1ed5cd4151f3e71f4783c40c68.patch#
 Patch5:         %{giturl}/compare/decf850ab9bb...ec9c36216623.patch#/%{name}-1.1.1-Fix_various_issues_reported_by_Coverity.patch
 Patch6:         %{giturl}/compare/4a1a30f75e70...c9ed6b2c0702.patch#/%{name}-1.1.1-Coverity_PR_follow-up.patch
 Patch7:         %{giturl}/pull/68.patch#/%{name}-1.1.1-test_Fix_AEAD_fuzz_test_for_big-endian_archs.patch
+Patch8:         %{giturl}/pull/70.patch#/%{name}-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch

 BuildRequires:  clang
 BuildRequires:  coreutils
@ -421,6 +422,9 @@ popd


 %changelog
+* Wed Aug 01 2018 Ondrej Mosnáček <omosnace@redhat.com> - 1.1.1-11
+- Add patch to fix unwanted closing of FD 0
+
 * Tue Jul 31 2018 Ondrej Mosnáček <omosnace@redhat.com> - 1.1.1-10
 - Remove the kernel headers workaround