commands_utils: fix socket leak when adding state client

If lxc_add_state_client() is called with the container already being in the desired state the client fd will never be closed and is leaking. This is due to setting stay_connected in lxc_cmd for LXC_CMD_ADD_STATE_CLIENT. If the desired state isn't already achieved the client fd will later be closed by calling lxc_cmd_fd_cleanup() but in the other case the client configuration isn't added to the handlers state clients. So the client fd has to be closed explicitely. This is simply tested by starting container A and calling lxc-wait -n A -s RUNNING. Signed-off-by: Matthias Hardt <matthias.hardt@gmail.com>

commands_utils: fix socket leak when adding state client
ebbca852 · Matthias Hardt · 2b3b8f65 · ebbca852 · ebbca852
Unverified Commit ebbca852 authored Mar 09, 2020 by Matthias Hardt
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletion

commands.c src/lxc/commands.c +5 -1

compiler.h src/lxc/compiler.h +3 -0

No files found.
--- a/src/lxc/commands.c
+++ b/src/lxc/commands.c
@@ -863,7 +863,7 @@ int lxc_cmd_add_state_client(const char *name, const char *lxcpath,
 	return MAX_STATE;
 }

-static int lxc_cmd_add_state_client_callback(int fd, struct lxc_cmd_req *req,
+static int lxc_cmd_add_state_client_callback(__owns int fd, struct lxc_cmd_req *req,
 					     struct lxc_handler *handler,
 					     struct lxc_epoll_descr *descr)
 {
@@ -889,6 +889,10 @@ static int lxc_cmd_add_state_client_callback(int fd, struct lxc_cmd_req *req,
 	if (ret < 0)
 		goto reap_client_fd;

+	/* close fd if state is already achieved to avoid leakage */
+	if (rsp.ret != MAX_STATE)
+		close(fd);
+
 	return 0;

 reap_client_fd:

--- a/src/lxc/compiler.h
+++ b/src/lxc/compiler.h
@@ -52,6 +52,9 @@
 #define __lxc_unused
 #endif

+/* Indicates taking ownership */
+#define __owns
+
 #define __cgfsng_ops

 #endif /* __LXC_COMPILER_H */