From 89acedb9b8c8cf88f0a706184852adb7e8767b14 Mon Sep 17 00:00:00 2001 From: cinap_lenrek Date: Mon, 26 May 2014 22:43:21 +0200 Subject: [PATCH] devproc: fix close and closefiles procctl for the CMclose procctl, the fd number was not bounds checked before indexing in the Fgrp.fd array. for the CMclosefiles, we looped fd from 0..maxfd-1, but need to loop from 0..maxfd as maxfd is inclusive. --- sys/src/9/port/devproc.c | 39 +++++++++++++++++---------------------- 1 file changed, 17 insertions(+), 22 deletions(-) diff --git a/sys/src/9/port/devproc.c b/sys/src/9/port/devproc.c index 1258e46d8..db229802d 100644 --- a/sys/src/9/port/devproc.c +++ b/sys/src/9/port/devproc.c @@ -1270,39 +1270,34 @@ procstopwait(Proc *p, int ctl) error(Eprocdied); } -static void -procctlcloseone(Proc *p, Fgrp *f, int fd) -{ - Chan *c; - - c = f->fd[fd]; - if(c == nil) - return; - f->fd[fd] = nil; - unlock(f); - qunlock(&p->debug); - cclose(c); - qlock(&p->debug); - lock(f); -} - void procctlclosefiles(Proc *p, int all, int fd) { - int i; Fgrp *f; + Chan *c; + if(fd < 0) + error(Ebadfd); f = p->fgrp; if(f == nil) error(Eprocdied); lock(f); f->ref++; - if(all) - for(i = 0; i < f->maxfd; i++) - procctlcloseone(p, f, i); - else - procctlcloseone(p, f, fd); + while(fd <= f->maxfd){ + c = f->fd[fd]; + if(c != nil){ + f->fd[fd] = nil; + unlock(f); + qunlock(&p->debug); + cclose(c); + qlock(&p->debug); + lock(f); + } + if(!all) + break; + fd++; + } unlock(f); closefgrp(f); }