ref: 89acedb9b8c8cf88f0a706184852adb7e8767b14
parent: c5214cd6d9b36622d838fe171273d9f0dd5ba407
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Mon May 26 18:43:21 EDT 2014
devproc: fix close and closefiles procctl for the CMclose procctl, the fd number was not bounds checked before indexing in the Fgrp.fd array. for the CMclosefiles, we looped fd from 0..maxfd-1, but need to loop from 0..maxfd as maxfd is inclusive.
--- a/sys/src/9/port/devproc.c
+++ b/sys/src/9/port/devproc.c
@@ -1270,28 +1270,14 @@
error(Eprocdied);
}
-static void
-procctlcloseone(Proc *p, Fgrp *f, int fd)
-{- Chan *c;
-
- c = f->fd[fd];
- if(c == nil)
- return;
- f->fd[fd] = nil;
- unlock(f);
- qunlock(&p->debug);
- cclose(c);
- qlock(&p->debug);
- lock(f);
-}
-
void
procctlclosefiles(Proc *p, int all, int fd)
{- int i;
Fgrp *f;
+ Chan *c;
+ if(fd < 0)
+ error(Ebadfd);
f = p->fgrp;
if(f == nil)
error(Eprocdied);
@@ -1298,11 +1284,20 @@
lock(f);
f->ref++;
- if(all)
- for(i = 0; i < f->maxfd; i++)
- procctlcloseone(p, f, i);
- else
- procctlcloseone(p, f, fd);
+ while(fd <= f->maxfd){+ c = f->fd[fd];
+ if(c != nil){+ f->fd[fd] = nil;
+ unlock(f);
+ qunlock(&p->debug);
+ cclose(c);
+ qlock(&p->debug);
+ lock(f);
+ }
+ if(!all)
+ break;
+ fd++;
+ }
unlock(f);
closefgrp(f);
}