summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2010-04-16 17:25:23 +0200
committerLuiz Capitulino <lcapitulino@redhat.com>2010-04-26 16:36:31 -0300
commit9358b1dec54001ca3b48b298775ecc1c9f0f6db1 (patch)
tree3a43939d72679d0700c1c72abeaf1fb93c0e7e42
parent48ec7677641bf12874cc9dd4bbbee3a92be9bc68 (diff)
downloadqemu-9358b1dec54001ca3b48b298775ecc1c9f0f6db1.tar.gz
qemu-9358b1dec54001ca3b48b298775ecc1c9f0f6db1.tar.bz2
qemu-9358b1dec54001ca3b48b298775ecc1c9f0f6db1.zip
stash away SCM_RIGHTS fd until a getfd command arrives
If there is already a fd in s->msgfd before recvmsg it is closed by parts that this patch does not touch. So, only one descriptor can be "leaked" by attaching it to a command other than getfd. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>
-rw-r--r--monitor.c9
-rw-r--r--qemu-char.c9
2 files changed, 3 insertions, 15 deletions
diff --git a/monitor.c b/monitor.c
index 0dc24a2f75..754bcc5cc0 100644
--- a/monitor.c
+++ b/monitor.c
@@ -2415,15 +2415,6 @@ static int do_getfd(Monitor *mon, const QDict *qdict, QObject **ret_data)
return -1;
}
- fd = dup(fd);
- if (fd == -1) {
- if (errno == EMFILE)
- qerror_report(QERR_TOO_MANY_FILES);
- else
- qerror_report(QERR_UNDEFINED_ERROR);
- return -1;
- }
-
QLIST_FOREACH(monfd, &mon->fds, next) {
if (strcmp(monfd->name, fdname) != 0) {
continue;
diff --git a/qemu-char.c b/qemu-char.c
index 05df971412..ac65a1c806 100644
--- a/qemu-char.c
+++ b/qemu-char.c
@@ -2000,8 +2000,9 @@ static void tcp_chr_process_IAC_bytes(CharDriverState *chr,
static int tcp_get_msgfd(CharDriverState *chr)
{
TCPCharDriver *s = chr->opaque;
-
- return s->msgfd;
+ int fd = s->msgfd;
+ s->msgfd = -1;
+ return fd;
}
#ifndef _WIN32
@@ -2089,10 +2090,6 @@ static void tcp_chr_read(void *opaque)
tcp_chr_process_IAC_bytes(chr, s, buf, &size);
if (size > 0)
qemu_chr_read(chr, buf, size);
- if (s->msgfd != -1) {
- close(s->msgfd);
- s->msgfd = -1;
- }
}
}