Red Hat Bugzilla – Bug 106270
filedescriptor not closed in int ipforward();
Last modified: 2014-08-31 19:25:28 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030611
Description of problem:
To figure out if the IP Forwarding is on or
off zebra opens /proc/net/snmp for reading (why is not sysctl used for
this??), reads the second line and then returns a value (1 - forwarding
is on, 2 - forwarding is off). This is performed in
zebra/ipforward_proc.c - function int ipforward(). Unfortunately the
file opened for reading is not also closed before the function returns,
this causing zebra to reopen that file as long as there are less than
NR_OPEN (as defined in linux kernel, usually 1024) permits. When
NR_OPEN linux is hit zebra can start behaving weird, or can run normally
as well except that any operation which needs to open files will fail
(wr mem for example).
Version-Release number of selected component (if applicable):
zebra-0.93b-2 (0.93a downto 0.91, etc are also affected)
Steps to Reproduce:
1. ls -al /proc/$(pidof zebra)/fd | grep snmp | wc -l
2.login to zebra and run any command that needs to call ipforward() (sh ip forw,
sh runn, etc);
3. on a console keep running the command from 1. and on another console, on that
you logged into zebra, keep running "sh ip forward".
Actual Results: The number of filedescriptors pointing to /proc/net/snmp will
increase until NR_OPEN limit is hit.
Severity: I'll leave it to "it's a bug and should be fixed". Actually when no
more file descriptors can be opened the configuration file cannot be saved and
various settings can be lost. This bug (and a patch for it) was also posted on
email@example.com and firstname.lastname@example.org mailling lists.
Created attachment 94933 [details]
A simple patch for this bug.
This patch was included in quagga-0.96-5, which is in rawhide