Fix: runas check fd value before calling close()

[lttng-tools.git] / src / common / runas.c

diff --git a/src/common/runas.c b/src/common/runas.c
index 3916d6754314eadd4947b576dbcb4d98273ad861..f3adf7355444fe8a8961f1132151110b891fc4ba 100644 (file)
--- a/src/common/runas.c
+++ b/src/common/runas.c
@@ -466,6 +466,9 @@ int cleanup_received_fd(enum run_as_cmd cmd, int fd)
                return 0;
        }
 
+       if (fd < 0) {
+               return 0;
+       }
        ret = close(fd);
        if (ret < 0) {
                PERROR("close error");
@@ -488,6 +491,9 @@ int handle_one_cmd(struct run_as_worker *worker)
        run_as_fct cmd;
        uid_t prev_euid;
 
+       memset(&sendret, 0, sizeof(sendret));
+       sendret.fd = -1;
+
        /*
         * Stage 1: Receive run_as_data struct from the master.
         * The structure contains the command type and all the parameters needed for
@@ -528,6 +534,8 @@ int handle_one_cmd(struct run_as_worker *worker)
        if (data.gid != getegid()) {
                ret = setegid(data.gid);
                if (ret < 0) {
+                       sendret._error = true;
+                       sendret._errno = errno;
                        PERROR("setegid");
                        goto write_return;
                }
@@ -535,6 +543,8 @@ int handle_one_cmd(struct run_as_worker *worker)
        if (data.uid != prev_euid) {
                ret = seteuid(data.uid);
                if (ret < 0) {
+                       sendret._error = true;
+                       sendret._errno = errno;
                        PERROR("seteuid");
                        goto write_return;
                }
@@ -710,6 +720,7 @@ int run_as_cmd(struct run_as_worker *worker,
                PERROR("Error reading response from run_as");
                ret = -1;
                ret_value->_errno = errno;
+               goto end;
        }
 
        /*
@@ -914,6 +925,9 @@ int run_as_extract_elf_symbol_offset(int fd, const char* function,
        struct run_as_data data;
        struct run_as_ret ret;
 
+       memset(&data, 0, sizeof(data));
+       memset(&ret, 0, sizeof(ret));
+
        DBG3("extract_elf_symbol_offset() on fd=%d and function=%s "
                "with for uid %d and gid %d", fd, function, (int) uid, (int) gid);
 
@@ -943,6 +957,9 @@ int run_as_extract_sdt_probe_offsets(int fd, const char* provider_name,
        struct run_as_data data;
        struct run_as_ret ret;
 
+       memset(&data, 0, sizeof(data));
+       memset(&ret, 0, sizeof(ret));
+
        DBG3("extract_sdt_probe_offsets() on fd=%d, probe_name=%s and "
                "provider_name=%s with for uid %d and gid %d", fd, probe_name,
                provider_name, (int) uid, (int) gid);