From 5316088445508bb5e648c1b64bb5f7261ad4da34 Mon Sep 17 00:00:00 2001 From: bixiaoyan Date: Mon, 29 Apr 2024 16:18:51 +0800 Subject: [PATCH] Fix: libcrmcommon: avoid file descriptor leak in IPC client with async connection (cherry picked from commit 21139209642d3df991bb43544896b0fad6a2e67c) --- ...-avoid-file-descriptor-leak-in-IPC-c.patch | 48 +++++++++++++++++++ pacemaker.spec | 6 ++- 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 Fix-libcrmcommon-avoid-file-descriptor-leak-in-IPC-c.patch diff --git a/Fix-libcrmcommon-avoid-file-descriptor-leak-in-IPC-c.patch b/Fix-libcrmcommon-avoid-file-descriptor-leak-in-IPC-c.patch new file mode 100644 index 0000000..3ff1b52 --- /dev/null +++ b/Fix-libcrmcommon-avoid-file-descriptor-leak-in-IPC-c.patch @@ -0,0 +1,48 @@ +From 47d6055bf418f7049fc716745be95374f465eb77 Mon Sep 17 00:00:00 2001 +From: "Gao,Yan" +Date: Wed, 7 Feb 2024 11:21:23 +0100 +Subject: [PATCH] Fix: libcrmcommon: avoid file descriptor leak in IPC client + with async connection + +Previously if qb_ipcc_connect_async() succeeded but the following poll() +failed, the file descriptor would leak. + +In that case, given that disconnect function is not registered yet, +qb_ipcc_disconnect() won't clean up the socket. In any case, call +qb_ipcc_connect_continue() here so that it may fail and do the cleanup +for us. + +Issue introduced in 2.1.3 by 4b60aa100. +--- + lib/common/ipc_client.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/lib/common/ipc_client.c b/lib/common/ipc_client.c +index 4635d38d8..df6697cee 100644 +--- a/lib/common/ipc_client.c ++++ b/lib/common/ipc_client.c +@@ -1623,13 +1623,17 @@ pcmk__ipc_is_authentic_process_active(const char *name, uid_t refuid, + do { + poll_rc = poll(&pollfd, 1, 2000); + } while ((poll_rc == -1) && (errno == EINTR)); +- if ((poll_rc <= 0) || (qb_ipcc_connect_continue(c) != 0)) { ++ ++ /* If poll() failed, given that disconnect function is not registered yet, ++ * qb_ipcc_disconnect() won't clean up the socket. In any case, call ++ * qb_ipcc_connect_continue() here so that it may fail and do the cleanup ++ * for us. ++ */ ++ if (qb_ipcc_connect_continue(c) != 0) { + crm_info("Could not connect to %s IPC: %s", name, + (poll_rc == 0)?"timeout":strerror(errno)); + rc = pcmk_rc_ipc_unresponsive; +- if (poll_rc > 0) { +- c = NULL; // qb_ipcc_connect_continue cleaned up for us +- } ++ c = NULL; // qb_ipcc_connect_continue cleaned up for us + goto bail; + } + #endif +-- +2.25.1 + diff --git a/pacemaker.spec b/pacemaker.spec index 40f57cc..df07537 100644 --- a/pacemaker.spec +++ b/pacemaker.spec @@ -17,7 +17,7 @@ ## can be incremented to build packages reliably considered "newer" ## than previously built packages with the same pcmkversion) %global pcmkversion 2.1.7 -%global specversion 10 +%global specversion 11 ## Upstream commit (full commit ID, abbreviated commit ID, or tag) to build %global commit 0f7f88312f7a1ccedee60bf768aba79ee13d41e0 @@ -156,6 +156,7 @@ Patch3: 002-schema-transfer.patch Patch4: Improve-pacemaker-attrd-cache-management-and-logging.patch Patch5: Fix-cibsecret-Use-ps-axww-to-avoid-truncating-issue.patch Patch6: Fix-tools-crm_mon-segfaults-when-fencer-connection-is-lost.patch +Patch7: Fix-libcrmcommon-avoid-file-descriptor-leak-in-IPC-c.patch Requires: resource-agents Requires: %{pkgname_pcmk_libs} = %{version}-%{release} @@ -763,6 +764,9 @@ exit 0 %license %{nagios_name}-%{nagios_hash}/COPYING %changelog +* Mon Apr 29 2024 bixiaoyan - 2.1.7-11 +- Fix: libcrmcommon: avoid file descriptor leak in IPC client with async connection + * Mon Apr 29 2024 zouzhimin - 2.1.7-10 - Fix: tools: crm_mon segfaults when fencer connection is lost -- Gitee