From c556986bfcbe90075fbe10a9280fe8bfb86c18d6 Mon Sep 17 00:00:00 2001 From: aland Date: Fri, 24 Mar 2006 17:54:56 +0000 Subject: [PATCH] Port closefrom() patches from the head --- configure.in | 3 ++- src/include/libradius.h | 3 +++ src/lib/misc.c | 30 ++++++++++++++++++++++++++++++ src/main/exec.c | 12 ++++++++---- src/main/session.c | 10 +++------- 5 files changed, 46 insertions(+), 12 deletions(-) diff --git a/configure.in b/configure.in index 28ba5ef..564fbc0 100644 --- a/configure.in +++ b/configure.in @@ -686,7 +686,8 @@ AC_CHECK_FUNCS( \ setlinebuf \ setvbuf \ getusershell \ - initgroups + initgroups \ + closefrom ) RADIUSD_NEED_DECLARATIONS( \ crypt \ diff --git a/src/include/libradius.h b/src/include/libradius.h index a31bcd2..375a167 100644 --- a/src/include/libradius.h +++ b/src/include/libradius.h @@ -311,6 +311,9 @@ int rad_lockfd_nonblock(int fd, int lock_len); int rad_unlockfd(int fd, int lock_len); void lrad_bin2hex(const uint8_t *bin, char *hex, int len); int lrad_hex2bin(const char *hex, uint8_t *bin, int len); +#ifndef HAVE_CLOSEFROM +int closefrom(int fd); +#endif #ifdef ASCEND_BINARY /* filters.c */ diff --git a/src/lib/misc.c b/src/lib/misc.c index 17fdc43..7865d7f 100644 --- a/src/lib/misc.c +++ b/src/lib/misc.c @@ -469,3 +469,33 @@ void lrad_bin2hex(const uint8_t *bin, char *hex, int len) return; } +/* + * So we don't have ifdef's in the rest of the code + */ +#ifndef HAVE_CLOSEFROM +int closefrom(int fd) +{ + int i; + int maxfd = 256; + +#ifdef _SC_OPEN_MAX + maxfd = sysconf(_SC_OPEN_MAX); + if (maxfd < 0) { + maxfd = 256; + } +#endif + + if (fd > maxfd) return 0; + + /* + * FIXME: return EINTR? + * + * Use F_CLOSEM? + */ + for (i = fd; i < maxfd; i++) { + close(i); + } + + return 0; +} +#endif diff --git a/src/main/exec.c b/src/main/exec.c index 865e6e4..a6869be 100644 --- a/src/main/exec.c +++ b/src/main/exec.c @@ -30,6 +30,7 @@ static const char rcsid[] = "$Id$"; #include #include #include +#include #include #ifdef HAVE_SYS_WAIT_H @@ -128,7 +129,7 @@ int radius_exec_program(const char *cmd, REQUEST *request, if ((pid = rad_fork(exec_wait)) == 0) { #define MAX_ENVP 1024 - int i, devnull; + int devnull; char *envp[MAX_ENVP]; int envlen; char buffer[1024]; @@ -198,9 +199,7 @@ int radius_exec_program(const char *cmd, REQUEST *request, * want to leave dangling FD's for the child process * to play funky games with, so we close them. */ - for (i = 3; i < 256; i++) { - close(i); - } + closefrom(3); /* * Set up the environment variables. @@ -228,6 +227,11 @@ int radius_exec_program(const char *cmd, REQUEST *request, vp_prints_value(buffer+n, sizeof(buffer) - n, vp, 1); envp[envlen++] = strdup(buffer); + + /* + * Don't add too many attributes. + */ + if (envlen == (MAX_ENVP - 1)) break; } envp[envlen] = NULL; execve(argv[0], argv, envp); diff --git a/src/main/session.c b/src/main/session.c index 02ef411..89b9df9 100644 --- a/src/main/session.c +++ b/src/main/session.c @@ -127,7 +127,7 @@ int rad_check_ts(uint32_t nasaddr, unsigned int portnum, const char *user, int status; int n; char address[16]; - char port[8]; + char port[11]; RADCLIENT *cl; /* @@ -196,11 +196,7 @@ int rad_check_ts(uint32_t nasaddr, unsigned int portnum, const char *user, return WEXITSTATUS(status); } - /* - * Child - exec checklogin with the right parameters. - */ - for (n = 256; n >= 3; n--) - close(n); + closefrom(3); /* * We don't close fd's 0, 1, and 2. If we're in debugging mode, @@ -212,7 +208,7 @@ int rad_check_ts(uint32_t nasaddr, unsigned int portnum, const char *user, */ ip_ntoa(address, nasaddr); - sprintf(port, "%u", portnum); + snprintf(port, 11, "%u", portnum); #ifdef __EMX__ /* OS/2 can't directly execute scripts then we call the command -- 2.1.4