From archie@whistle.com  Thu May 25 13:34:09 2000
Return-Path: <archie@whistle.com>
Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7])
	by hub.freebsd.org (Postfix) with ESMTP id E6CA937B690
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 25 May 2000 13:34:08 -0700 (PDT)
	(envelope-from archie@whistle.com)
Received: (from archie@localhost)
	by bubba.whistle.com (8.9.3/8.9.2) id NAA09637;
	Thu, 25 May 2000 13:34:09 -0700 (PDT)
Message-Id: <200005252034.NAA09637@bubba.whistle.com>
Date: Thu, 25 May 2000 13:34:09 -0700 (PDT)
From: Archie Cobbs <archie@whistle.com>
Reply-To: archie@whistle.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: possible file descriptor leak in dhclient(8)
X-Send-Pr-Version: 3.2

>Number:         18817
>Category:       bin
>Synopsis:       possible file descriptor leak in dhclient(8)
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    murray
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu May 25 13:40:00 PDT 2000
>Closed-Date:    Sun Apr 14 06:13:55 PDT 2002
>Last-Modified:  Sun Apr 14 06:13:55 PDT 2002
>Originator:     Archie Cobbs
>Release:        FreeBSD 3.4-RELEASE i386
>Organization:
Whistle Communications, Inc.
>Environment:

	3.4-RELEASE

>Description:

	It appears that the function read_client_leases() in dhclient(8)
	clparse.c contains a file descriptor leak. The FILE *cfile is
	never fclose()'d.

	Also, when the dhclient-script is exec'd, we don't want any open
	file descriptors in the dhclient(8) process to be inherited by
	the child process (i.e., the script). So dhclient should be doing
	an ``fcntl(fileno(fp), F_SETFD, 1)'' for every FILE* it opens that
	can possibly still be open when the script is executed (e.g, the
	lease file).

>How-To-Repeat:

	Was determined by inspection; this could all be wrong.

>Fix:
	
Index: clparse.c
===================================================================
RCS file: /cvs/freebsd/src/contrib/isc-dhcp/client/clparse.c,v
retrieving revision 1.3.2.2
diff -u -u -r1.3.2.2 clparse.c
--- clparse.c	1999/05/08 18:05:07	1.3.2.2
+++ clparse.c	2000/05/25 20:34:16
@@ -170,6 +170,8 @@
 			parse_client_lease_statement (cfile, 0);
 
 	} while (1);
+
+	fclose (cfile);
 }
 
 /* client-declaration :== 


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->analyzed 
State-Changed-By: murray 
State-Changed-When: Tue Feb 19 01:11:19 PST 2002 
State-Changed-Why:  
I believe this bug still exists in our existing dhclient(8), but it 
has been fixed in ISC DHCP 3.X.  I will be importing 3.0.1rc6 to 
-CURRENT shortly. 



Responsible-Changed-From-To: freebsd-bugs->murray 
Responsible-Changed-By: murray 
Responsible-Changed-When: Tue Feb 19 01:11:19 PST 2002 
Responsible-Changed-Why:  
I will import DHCP 3.0.1rc6 shortly, which will fix this bug. 

http://www.FreeBSD.org/cgi/query-pr.cgi?pr=18817 
State-Changed-From-To: analyzed->closed 
State-Changed-By: murray 
State-Changed-When: Sun Apr 14 06:13:11 PDT 2002 
State-Changed-Why:  
DHCP 3.0.1RC8 has been imported to both -CURRENT and -STABLE.  This 
newer version properly closes the file when it is done with it. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=18817 
>Unformatted:
