| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230511144224.26975-1-nicolas.dichtel@6wind.com>
Date: Thu, 11 May 2023 16:42:24 +0200
From: Nicolas Dichtel <nicolas.dichtel@...nd.com>
To: Stephen Hemminger <stephen@...workplumber.org>
Cc: David Ahern <dsahern@...il.com>,
netdev@...r.kernel.org,
Nicolas Dichtel <nicolas.dichtel@...nd.com>
Subject: [PATCH iproute2] ipnetns: fix fd leak with 'ip netns set'
There is no reason to open this netns file. set_netnsid_from_name() uses
netns_get_fd() for this purpose and uses the returned fd.
Reported-by: Stephen Hemminger <stephen@...workplumber.org>
Fixes: d182ee1307c7 ("ipnetns: allow to get and set netns ids")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
---
ip/ipnetns.c | 11 +----------
1 file changed, 1 insertion(+), 10 deletions(-)
diff --git a/ip/ipnetns.c b/ip/ipnetns.c
index 1203534914fe..9d996832aef8 100644
--- a/ip/ipnetns.c
+++ b/ip/ipnetns.c
@@ -967,9 +967,8 @@ int set_netnsid_from_name(const char *name, int nsid)
static int netns_set(int argc, char **argv)
{
- char netns_path[PATH_MAX];
const char *name;
- int netns, nsid;
+ int nsid;
if (argc < 1) {
fprintf(stderr, "No netns name specified\n");
@@ -988,14 +987,6 @@ static int netns_set(int argc, char **argv)
else if (nsid < 0)
invarg("\"netnsid\" value should be >= 0", argv[1]);
- snprintf(netns_path, sizeof(netns_path), "%s/%s", NETNS_RUN_DIR, name);
- netns = open(netns_path, O_RDONLY | O_CLOEXEC);
- if (netns < 0) {
- fprintf(stderr, "Cannot open network namespace \"%s\": %s\n",
- name, strerror(errno));
- return -1;
- }
-
return set_netnsid_from_name(name, nsid);
}
--
2.39.2
Powered by blists - more mailing lists