Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 694372 Details for
Bug 845821
-milterfdleaks patch causes endless, high frequent log storm
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Patch against 8.14.6 (Rawhide)
sendmail-8.14.6-milterfdleaks.patch (text/plain), 2.42 KB, created by
Paul Howarth
on 2013-02-07 10:26:25 UTC
(
hide
)
Description:
Patch against 8.14.6 (Rawhide)
Filename:
MIME Type:
Creator:
Paul Howarth
Created:
2013-02-07 10:26:25 UTC
Size:
2.42 KB
patch
obsolete
>Patches by Paul Howarth >https://bugzilla.redhat.com/show_bug.cgi?id=485426 > >Updated to check for valid socket on libmilter side before attempting to set >FD_CLOEXEC, so as to avoid filling logs with rubbish; sendmail side doesn't >need that check because the socket has already been validated by that point >in the code >https://bugzilla.redhat.com/show_bug.cgi?id=845821 > >--- sendmail-8.14.6/sendmail/milter.c >+++ sendmail-8.14.6/sendmail/milter.c >@@ -30,6 +30,9 @@ SM_RCSID("@(#)$Id: milter.c,v 8.279 2012 > > # include <sm/fdset.h> > >+# include <unistd.h> >+# include <fcntl.h> >+ > static void milter_connect_timeout __P((int)); > static void milter_error __P((struct milter *, ENVELOPE *)); > static int milter_open __P((struct milter *, bool, ENVELOPE *)); >@@ -655,6 +658,7 @@ milter_open(m, parseonly, e) > SOCKADDR_LEN_T addrlen = 0; > int addrno = 0; > int save_errno; >+ int fdflags; > char *p; > char *colon; > char *at; >@@ -1191,6 +1195,20 @@ milter_open(m, parseonly, e) > (char *)&nodelay, sizeof(nodelay)); > } > # endif /* MILTER_NO_NAGLE && !defined(TCP_CORK) */ >+ >+ /* >+ ** Need to set close-on-exec for sock to prevent it >+ ** leaking to the local delivery process >+ */ >+ if ((fdflags = fcntl(sock, F_GETFD, 0)) == -1 || >+ fcntl(sock, F_SETFD, fdflags | FD_CLOEXEC) == -1) >+ { >+ if (MilterLogLevel > 0) >+ sm_syslog(LOG_WARNING, e->e_id, >+ "Milter (%s): error setting close-on-exec on milter socket (%s)", >+ m->mf_name, sm_errstring(errno)); >+ } >+ > return sock; > } > >--- sendmail-8.14.6/libmilter/listener.c >+++ sendmail-8.14.6/libmilter/listener.c >@@ -728,6 +728,7 @@ mi_listener(conn, dbg, smfi, timeout, ba > int acnt = 0; /* error count for accept() failures */ > int scnt = 0; /* error count for select() failures */ > int save_errno = 0; >+ int fdflags; > #if !_FFR_WORKERS_POOL > sthread_t thread_id; > #endif /* !_FFR_WORKERS_POOL */ >@@ -808,6 +809,20 @@ mi_listener(conn, dbg, smfi, timeout, ba > (void) smutex_unlock(&L_Mutex); > > /* >+ ** Need to set close-on-exec for connfd in case a user's >+ ** filter starts other applications >+ */ >+ if (ValidSocket(connfd) && >+ ((fdflags = fcntl(connfd, F_GETFD, 0)) == -1 || >+ fcntl(connfd, F_SETFD, fdflags | FD_CLOEXEC) == -1)) >+ { >+ smi_log(SMI_LOG_WARN, >+ "%s: set close-on-exec failed (%s)", >+ smfi->xxfi_name, sm_errstring(errno)); >+ /* XXX: continue? */ >+ } >+ >+ /* > ** If remote side closes before accept() finishes, > ** sockaddr might not be fully filled in. > */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=694372">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 845821
:
602450
| 694372