Bug 662726 - nfs4-acl-tools: FD leak in edit_ACL()
Summary: nfs4-acl-tools: FD leak in edit_ACL()
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: nfs4-acl-tools
Version: 6.7
Hardware: All
OS: Linux
low
low
Target Milestone: rc
: ---
Assignee: Steve Dickson
QA Contact: Yongcheng Yang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-12-13 17:45 UTC by Daniel Kobras
Modified: 2016-05-10 20:29 UTC (History)
7 users (show)

Fixed In Version: nfs4-acl-tools-0.3.3-8.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1284608 (view as bug list)
Environment:
Last Closed: 2016-05-10 20:29:16 UTC
Target Upstream Version:


Attachments (Terms of Use)
nfs4_setfacl.c: Fix fd leak in edit_ACL(). (355 bytes, patch)
2010-12-13 17:45 UTC, Daniel Kobras
no flags Details | Diff
nfs4_setfacl.c: Fix fd leak in edit_ACL() (1.60 KB, patch)
2014-06-16 18:54 UTC, J. Bruce Fields
no flags Details | Diff
Fix fd leak in edit_ACL() (355 bytes, patch)
2014-06-17 07:37 UTC, Daniel Kobras
no flags Details | Diff
nfs4_setfacl.c: Fix fd leak in edit_ACL() (1.62 KB, patch)
2014-07-16 20:07 UTC, J. Bruce Fields
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:0786 normal SHIPPED_LIVE nfs4-acl-tools bug fix update 2016-05-10 22:36:29 UTC

Description Daniel Kobras 2010-12-13 17:45:41 UTC
Created attachment 468436 [details]
nfs4_setfacl.c: Fix fd leak in edit_ACL().

Description of problem:

nfs4_editfacl (aka. nfs4_setfacl -e) creates temporary files for ACL editing, but doesn't close the associated file descriptors at runtime. Therefore, the amount of files that can be adjusted with a single invocation of nfs4_editfacl (nfs4_setfacl -e) is limited by the process's RLIMIT_NOFILE setting.

Version-Release number of selected component (if applicable):

0.3.3-1

How reproducible:

Run nfs4_editfacl -R -P (or -L) on a tree with more than RLIMIT_NOFILE objects.
% EDITOR=fancy_acl_mangle.sh nfs4_editfacl -R -P .

Steps to Reproduce:
1. Assert 'ulimit -n' < 'find . -type f -o -type d | wc -l'
2. Run 'EDITOR=fancy_acl_mangle.sh nfs4_editfacl -R -P .' (EDITOR=/bin/true will do for testing purposes.)
3. Optionally run strace to watch the fds of the tempfiles increase up to RLIMIT_NOFILE.
  
Actual results:

When the fd of the current tempfile hits RLIMIT_NOFILE, the command abort with the following error message:

Failed to exec() editor "/bin/true".
An error occurred during recursive file tree walk.
Editor `/bin/true' did not exit cleanly; changes will not be saved.
An error occurred during recursive file tree walk.

Expected results:

Command finishes without error.

Additional info:

The attached oneliner fixes the fd leak.

Comment 2 RHEL Program Management 2014-03-07 13:32:47 UTC
This bug/component is not included in scope for RHEL-5.11.0 which is the last RHEL5 minor release. This Bugzilla will soon be CLOSED as WONTFIX (at the end of RHEL5.11 development phase (Apr 22, 2014)). Please contact your account manager or support representative in case you need to escalate this bug.

Comment 3 RHEL Program Management 2014-06-02 13:01:35 UTC
Thank you for submitting this request for inclusion in Red Hat Enterprise Linux 5. We've carefully evaluated the request, but are unable to include it in RHEL5 stream. If the issue is critical for your business, please provide additional business justification through the appropriate support channels (https://access.redhat.com/site/support).

Comment 4 Daniel Kobras 2014-06-16 12:53:23 UTC
I've just verified that this bug still applies to nfs-acl-tools-0.3.3-6.el6 in RHEL6.5 (and presumably in RHEL7 as well, according to the changelog), but I'm not allowed to update the product for this bug report.

Comment 5 J. Bruce Fields 2014-06-16 18:54:12 UTC
Created attachment 909209 [details]
nfs4_setfacl.c: Fix fd leak in edit_ACL()

Thanks for the report.  I think we want an fclose there, not a close.  I'm planning to commit the attached upstream with a changelog copied from your report.

Does that work for you?

Comment 6 Daniel Kobras 2014-06-17 07:37:25 UTC
Created attachment 909435 [details]
Fix fd leak in edit_ACL()

Fixed typoed variable name.

Comment 7 Daniel Kobras 2014-06-17 07:39:54 UTC
(In reply to J. Bruce Fields from comment #5)
> Created attachment 909209 [details]
> nfs4_setfacl.c: Fix fd leak in edit_ACL()
> 
> Thanks for the report.  I think we want an fclose there, not a close.  I'm
> planning to commit the attached upstream with a changelog copied from your
> report.
> 
> Does that work for you?

Sorry, should have been close(tmp_fd) rather than close(tmp_fp). I've revised the patch accordingly. Your version fixes the fd leak as well, but leaves a stray tmpfile if fdopen() fails.

Comment 8 J. Bruce Fields 2014-06-17 12:26:55 UTC
(In reply to Daniel Kobras from comment #7)
> Sorry, should have been close(tmp_fd) rather than close(tmp_fp). I've
> revised the patch accordingly. Your version fixes the fd leak as well, but
> leaves a stray tmpfile if fdopen() fails.

Oops, you're right, it's missing an unlink.

But is it really correct to call close on the underlying fd once you've associated a stream with it?  At a minimum isn't there a memory leak of any state associated with the stream?

(Also, why the cast?)

Comment 9 Ondrej Vasik 2014-07-16 11:58:18 UTC
Let's move it to RHEL 6 then - it is not something for production phase 3 release anyway.

Comment 11 J. Bruce Fields 2014-07-16 20:07:07 UTC
Created attachment 918511 [details]
nfs4_setfacl.c: Fix fd leak in edit_ACL()

Another version, that unlinks on fdopen() failure.

Comment 13 J. Bruce Fields 2015-11-17 16:36:27 UTC
This is fixed upstream now (see ba94f4b4d4bc "nfs4_setfacl.c: Fix fd leak in edit_ACL()" from git://linux-nfs.org:~bfields/exports/nfs4-acl-tools.git).

Steved, are you interested in taking this for RHEL?

Comment 17 Yongcheng Yang 2016-02-18 04:45:56 UTC
Move to VERIFIED as Comment 16

Comment 19 errata-xmlrpc 2016-05-10 20:29:16 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0786.html


Note You need to log in before you can comment on or make changes to this bug.