From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from [87.239.111.99] (localhost [127.0.0.1]) by dev.tarantool.org (Postfix) with ESMTP id 606F113CF8DD; Thu, 5 Jun 2025 08:45:46 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 606F113CF8DD DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev; t=1749102346; bh=/4w9UEP6G/vkyT8euX62ClRJ0t5HaavMDp8JuJeuX1E=; h=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=f0Vr94gAF7YmCO4ldOJs6g8HAYVBSb9KEkwMaC30vn0r4f/1wvY/dOWMa+ipR8LH5 9UvLGF3XD7K6Yr21Y5crse9N05OzttxPNER6zmHsE1lZXBM8Z1cRAhXUQ696AJV38Q X5Urp1VvGZp4epgwn0KpJw9+/qd9jLmIY2S/6yJU= Received: from send57.i.mail.ru (send57.i.mail.ru [89.221.237.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id B50C013CF8C3 for ; Thu, 5 Jun 2025 08:44:17 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org B50C013CF8C3 Received: by exim-smtp-75656d46d5-jh4vp with esmtpa (envelope-from ) id 1uN3Oi-00000000FoO-31KJ; Thu, 05 Jun 2025 08:44:17 +0300 To: Sergey Bronnikov Date: Thu, 5 Jun 2025 08:44:20 +0300 Message-ID: <1bbdb610c35dae11562205060db742cd5c2fe263.1749101434.git.skaplun@tarantool.org> X-Mailer: git-send-email 2.49.0 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Mailru-Src: smtp X-4EC0790: 10 X-7564579A: B8F34718100C35BD X-77F55803: 4F1203BC0FB41BD9851146C857904EAB228E35F5A4A67DF34C0004A9166FDD30182A05F538085040A635ACB7F36209963DE06ABAFEAF67052040A61132EC4E7A95569FA2C0CFBECAB76EC74E5D6971C8 X-7FA49CB5: FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE7B9D6DADD6B53929DEA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F7900637AC83A81C8FD4AD23D82A6BABE6F325AC2E85FA5F3EDFCBAA7353EFBB5533756680FD86C7FE90CFE55ED98FFDC8B3DEBF975AAC8D183FCD64DB4CA3E4B4C9643C389733CBF5DBD5E913377AFFFEAFD269176DF2183F8FC7C0CB629EEF1311BF91D2E47CDBA5A96583BD4B6F7A4D31EC0BC014FD901B82EE079FA2833FD35BB23D27C277FBC8AE2E8B55B19328CBC4F849A471835C12D1D977C4224003CC8364762BB6847A3DEAEFB0F43C7A68FF6260569E8FC8737B5C2249EC8D19AE6D49635B68655334FD4449CB9ECD01F8117BC8BEAAAE862A0553A39223F8577A6DFFEA7C837C4FEFBD186071C4224003CC83647689D4C264860C145E X-C1DE0DAB: 0D63561A33F958A5FBDA39E0C44F75465002B1117B3ED6964E31D47F6C1B501272305013E4AE841E823CB91A9FED034534781492E4B8EEAD14747542773C033FC79554A2A72441328621D336A7BC284946AD531847A6065A535571D14F44ED41 X-C8649E89: 1C3962B70DF3F0ADBF74143AD284FC7177DD89D51EBB7742424CF958EAFF5D571004E42C50DC4CA955A7F0CF078B5EC49A30900B95165D34A533D6DF7731C664B051B5AF7C0B493B7EC9E036B8DFD896972C4FB35A04166AC5CB695488F812711D7E09C32AA3244C685BA11769E639E677DD89D51EBB774238A762838FDE97A7EA455F16B58544A2557BDE0DD54B3590A5AE236DF995FB59829709634694AABAED6A17656DB59BCAD427812AF56FC65B X-D57D3AED: 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu53w8ahmwBjZKM/YPHZyZHvz5uv+WouB9+ObcCpyrx6l7KImUglyhkEat/+ysWwi0gdhEs0JGjl6ggRWTy1haxBpVdbIX1nthFXMZebaIdHP2ghjoIc/363UZI6Kf1ptIMVSykAyseJQ6/aRhIDb5Fv/s= X-DA7885C5: 049C8F4B18C63DF6F255D290C0D534F9453CD7462B8C581A49C52923EAA4DB4D1FC017089B36AE0B5B1A4C17EAA7BC4BEF2421ABFA55128DAF83EF9164C44C7E X-Mailru-Sender: 689FA8AB762F7393FE9E42A757851DB6E3C0F0B2E1CC055187F66E1481AC81798DB4DC30D787C9DDE49D44BB4BD9522A059A1ED8796F048DB274557F927329BE89D5A3BC2B10C37545BD1C3CC395C826B4A721A3011E896F X-Mras: Ok Subject: [Tarantool-patches] [PATCH luajit 3/3] Fix another potential file descriptor leak in luaL_loadfile*(). X-BeenThere: tarantool-patches@dev.tarantool.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Sergey Kaplun via Tarantool-patches Reply-To: Sergey Kaplun Cc: tarantool-patches@dev.tarantool.org Errors-To: tarantool-patches-bounces@dev.tarantool.org Sender: "Tarantool-patches" From: Mike Pall Reported by Peter Cawley. (cherry picked from commit ab39082fddfca0de268a106a3b6d736eef032328) `loadfile()` doesn't close the fd in case when `fopen()` results successfully, but then the file can't be read (since it is a directory, for example) or parser failure occurs for some reason. This patch fixes that behaviour by moving the error formatting after the cleanup of the descriptor. Sergey Kaplun: * added the description and the test for the problem Part of tarantool/tarantool#11278 --- src/lj_load.c | 16 ++++----- .../lj-1249-loadfile-fd-leak.test.lua | 34 ++++++++++++++++++- 2 files changed, 41 insertions(+), 9 deletions(-) diff --git a/src/lj_load.c b/src/lj_load.c index a6d0b464..fdbc54cb 100644 --- a/src/lj_load.c +++ b/src/lj_load.c @@ -87,6 +87,7 @@ LUALIB_API int luaL_loadfilex(lua_State *L, const char *filename, FileReaderCtx ctx; int status; const char *chunkname; + int err = 0; if (filename) { chunkname = lua_pushfstring(L, "@%s", filename); ctx.fp = fopen(filename, "rb"); @@ -100,17 +101,16 @@ LUALIB_API int luaL_loadfilex(lua_State *L, const char *filename, chunkname = "=stdin"; } status = lua_loadx(L, reader_file, &ctx, chunkname, mode); - if (ferror(ctx.fp)) { - L->top -= filename ? 2 : 1; - lua_pushfstring(L, "cannot read %s: %s", chunkname+1, strerror(errno)); - if (filename) - fclose(ctx.fp); - return LUA_ERRFILE; - } + if (ferror(ctx.fp)) err = errno; if (filename) { + fclose(ctx.fp); L->top--; copyTV(L, L->top-1, L->top); - fclose(ctx.fp); + } + if (err) { + L->top--; + lua_pushfstring(L, "cannot read %s: %s", chunkname+1, strerror(err)); + return LUA_ERRFILE; } return status; } diff --git a/test/tarantool-tests/lj-1249-loadfile-fd-leak.test.lua b/test/tarantool-tests/lj-1249-loadfile-fd-leak.test.lua index c1a45724..fe406fd1 100644 --- a/test/tarantool-tests/lj-1249-loadfile-fd-leak.test.lua +++ b/test/tarantool-tests/lj-1249-loadfile-fd-leak.test.lua @@ -6,7 +6,7 @@ local tap = require('tap') -- See also, https://github.com/LuaJIT/LuaJIT/issues/1249. local test = tap.test('lj-1249-loadfile-fd-leak') -test:plan(2) +test:plan(4) local allocinject = require('allocinject') @@ -24,4 +24,36 @@ test:ok(not res, 'correct status, OOM on filename creation') test:like(errmsg, 'not enough memory', 'correct error message, OOM on filename creation') +-- Now try to read the directory. It can be opened but not read as +-- a file on Linux-like systems. + +-- On macOS and BSD-like systems, the content of the directory may +-- be read and contain some internal data, which we are not +-- interested in. +test:skipcond({ + ['Disabled on non-Linux systems'] = jit.os ~= 'Linux', +}) + +local DIRNAME = '/dev' +local GCSTR_OBJSIZE = 24 + +-- Now the OOM error should be obtained on the creation of the +-- error message that the given file (or directory) is not +-- readable. But the string for the file name should be allocated +-- without OOM, so set the corresponding limit for the string +-- object. +-- Don't forget to count the leading '@' and trailing '\0'. +allocinject.enable_null_limited_alloc(#DIRNAME + GCSTR_OBJSIZE + 1 + 1) + +-- Error since can't read the directory (but actually the OOM on +-- parsing preparation is raised before, due to allocation limit). +res, errmsg = pcall(loadfile, DIRNAME) + +allocinject.disable() + +-- Sanity checks. +test:ok(not res, 'correct status, OOM on error message creation') +test:like(errmsg, 'not enough memory', + 'correct error message, OOM on error message creation') + test:done(true) -- 2.49.0