[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#39693: libc6: error in _IO_old_proc_open (libio/oldiopopen.c)

Package: libc6
Version: 2.1.1-12
Severity: normal

I was tracking down a problem in man-db (see #39686), and it turns out
to be an error in the compat code for popen().  This error is probably
triggered by any program that popens more than one stream at a time.

oldiopopen.c uses a variable old_proc_file_chain to keep track of the
currently open process streams.  However, it always destroys this chain
just before adding a new stream.  This happens around line 152.
(Normally one would expect this code to execute only in the child,
but the file #defines _IO_fork to vfork!  Thus, the child clobbers
the parent's copy of old_proc_file_chain).

The new code, in iopopen.c, cunningly avoids this problem by introducing
a loop variable instead of messing with the global variable.  I've used
that as the basis for preparing this patch.  Please note that the
patch is UNTESTED.

--- /tmp/oldiopopen.c	Thu Jun 17 23:45:15 1999
+++ oldiopopen.c	Thu Jun 17 23:47:10 1999
@@ -140,6 +140,8 @@
   if (child_pid == 0)
       int child_std_end = mode[0] == 'r' ? 1 : 0;
+      struct _IO_proc_file *p;
       _IO_close (parent_end);
       if (child_end != child_std_end)
@@ -149,11 +151,8 @@
       /* POSIX.2:  "popen() shall ensure that any streams from previous
          popen() calls that remain open in the parent process are closed
 	 in the new child process." */
-      while (old_proc_file_chain)
-	{
-	  _IO_close (_IO_fileno ((_IO_FILE *) old_proc_file_chain));
-	  old_proc_file_chain = old_proc_file_chain->next;
-	}
+      for (p = old_proc_file_chain; p; p = p->next)
+	_IO_close (_IO_fileno ((_IO_FILE *) p));
       _IO_execl ("/bin/sh", "sh", "-c", command, (char *) 0);
       _IO__exit (127);

-- System Information
Debian Release: potato
Kernel Version: Linux night 2.2.5 #1 Fri Apr 9 22:49:28 CEST 1999 i586 unknown

Versions of the packages libc6 depends on:
ii  ldso            1.9.11-2       The Linux dynamic linker, library and utilit

Reply to: