[CRIU] [PATCH v2 01/15] files: Fix find_unused_fd() overflow

Pavel Emelyanov xemul at virtuozzo.com
Tue May 31 03:14:39 PDT 2016


On 05/30/2016 03:13 PM, Kirill Tkhai wrote:
> 
> 
> On 30.05.2016 14:32, Pavel Emelyanov wrote:
>> On 05/27/2016 04:05 PM, Kirill Tkhai wrote:
>>> This function may hit an overflow near INT_MAX, so
>>> it starts returning a strange fd, like fd = -2147483648.
>>> Fix that.
>>>
>>> Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
>>> ---
>>>  criu/files.c         |   31 +++++++++++++++++++++++++++++++
>>>  criu/include/files.h |    8 +-------
>>>  2 files changed, 32 insertions(+), 7 deletions(-)
>>>
>>> diff --git a/criu/files.c b/criu/files.c
>>> index 16bc74d..a52e12f 100644
>>> --- a/criu/files.c
>>> +++ b/criu/files.c
>>> @@ -97,6 +97,37 @@ static inline struct file_desc *find_file_desc(FdinfoEntry *fe)
>>>  	return find_file_desc_raw(fe->type, fe->id);
>>>  }
>>>  
>>> +unsigned int find_unused_fd(struct list_head *head, int hint_fd)
>>> +{
>>> +	struct fdinfo_list_entry *fle;
>>> +	int fd, prev_fd;
>>> +
>>> +	if ((hint_fd >= 0) && (!fd_is_used(head, hint_fd))) {
>>> +		fd = hint_fd;
>>> +		goto out;
>>> +	}
>>> +	/* Return last used fd +1 */
>>> +	fd = list_entry(head->prev, typeof(struct fdinfo_list_entry), used_list)->fe->fd;
>>> +
>>> +	if (likely(fd < INT_MAX)) {
>>> +		fd++;
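Review bot: the return type is unsigned int while fd, prev_fd and hint_fd are int, so a negative result (the fd = -2147483648 the commit message describes, or any error return the function might want to signal) is converted to a large positive descriptor at the call site instead of being caught; declaring it `int find_unused_fd(struct list_head *head, int hint_fd)` keeps the error value visible, and `prev_fd` is declared but never used in the lines shown. The `list_entry(head->prev, ...)->fe->fd` read is also unconditional once the hint is rejected: on an empty list head->prev is head itself and the dereference reads past the list head, so a `list_empty(head)` check (returning 0 as the first free fd) before that line would make the function safe for callers with no used fds yet.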
>>
>> Is INT_MAX a valid file descriptor?
> 
> Theoretically. I suppose CRIU sets prlimit before a restore to make the maximum
> file descriptor available for the system. Otherwise, the restore may fail.
> 
> The maximum fd number is hardcoded, and it's
> 
> sysctl_nr_open_max = min((size_t)INT_MAX, ~(size_t)0/sizeof(void *)) &
>                              -BITS_PER_LONG;
> 
> Are you OK if I use this value instead?

We already have some value of maximum fd used by service fds. Let's use it.
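The overflow under discussion is the unchecked "last used fd + 1" step. The following is an added example, not CRIU code: it takes a sorted array of in-use fds in place of CRIU's used_list, an explicit max_fd bound (standing in for whatever limit the caller derives, e.g. the value below the service fds mentioned above), and checks every increment against that bound before it happens, so fd + 1 is never evaluated when fd == INT_MAX. It also returns -1 through a signed type when nothing is free, which the unsigned return type in the patch could not express. The helper name find_unused_fd_checked and the sample arrays are constructed for this example.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample data (not CRIU's): sorted arrays of fds in use stand in
 * for CRIU's used_list; the last element plays the role of the list tail that
 * find_unused_fd() reads through head->prev. */
static const int sample_used[] = {0, 1, 2, 4};
#define SAMPLE_USED_N (sizeof(sample_used) / sizeof(sample_used[0]))
static const int sample_top[] = {0, INT_MAX};   /* highest used fd is INT_MAX */
#define SAMPLE_TOP_N (sizeof(sample_top) / sizeof(sample_top[0]))
static const int sample_full[] = {0, 1, 2};      /* every fd up to max_fd taken */
#define SAMPLE_FULL_N (sizeof(sample_full) / sizeof(sample_full[0]))

/* Linear membership test; CRIU's fd_is_used() walks its list the same way. */
static bool fd_is_used(const int *used, size_t n, int fd)
{
	for (size_t i = 0; i < n; i++)
		if (used[i] == fd)
			return true;
	return false;
}

/* Bounded replacement for the "last used fd + 1" computation (hypothetical
 * helper, not CRIU's). max_fd is the largest descriptor the caller may hand
 * out; each increment is compared against it before it is performed, so the
 * signed overflow at INT_MAX cannot occur. Returns -1 when no fd in
 * [0, max_fd] is free; the signed return type is what lets -1 survive. */
int find_unused_fd_checked(const int *used, size_t n, int hint_fd, int max_fd)
{
	int fd;

	if (max_fd < 0)
		return -1;

	/* Fast path: the caller's preferred fd is free and within the limit. */
	if (hint_fd >= 0 && hint_fd <= max_fd && !fd_is_used(used, n, hint_fd))
		return hint_fd;

	if (n == 0)
		return 0;	/* nothing used yet, so fd 0 is free */

	/* Sorted input: the common case is one past the highest used fd.
	 * fd < max_fd <= INT_MAX is checked first, so fd + 1 cannot overflow. */
	fd = used[n - 1];
	if (fd < max_fd)
		return fd + 1;

	/* Highest used fd already sits at the limit: look for a gap below it.
	 * The exit test is on equality rather than "fd <= max_fd", because that
	 * condition is never false when max_fd == INT_MAX and the loop would
	 * run into the very overflow being avoided. */
	for (fd = 0; ; fd++) {
		if (!fd_is_used(used, n, fd))
			return fd;
		if (fd == max_fd)
			return -1;
	}
}

int main(void)
{
	printf("hint 7 free       -> %d\n", find_unused_fd_checked(sample_used, SAMPLE_USED_N, 7, 1024));
	printf("hint 1 taken      -> %d\n", find_unused_fd_checked(sample_used, SAMPLE_USED_N, 1, 1024));
	printf("last used INT_MAX -> %d\n", find_unused_fd_checked(sample_top, SAMPLE_TOP_N, -1, INT_MAX));
	printf("table full        -> %d\n", find_unused_fd_checked(sample_full, SAMPLE_FULL_N, -1, 2));
	return 0;
}
```

The third call is the case from the commit message: with INT_MAX as the highest used fd, the unchecked version would compute INT_MAX + 1, while the bounded version falls through to the gap scan and returns 1.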


