Potential handle leaks in dup_worker
Ken Brown
kbrown@cornell.edu
Tue Feb 9 22:31:16 GMT 2021
On 2/9/2021 3:52 PM, Corinna Vinschen via Cygwin-developers wrote:
> On Feb 9 14:12, Ken Brown via Cygwin-developers wrote:
>> On 2/9/2021 12:13 PM, Ken Brown via Cygwin-developers wrote:
>>> On 2/9/2021 11:12 AM, Corinna Vinschen via Cygwin-developers wrote:
>>>> On Feb 9 10:31, Ken Brown via Cygwin-developers wrote:
>>>>> On 2/9/2021 10:02 AM, Corinna Vinschen via Cygwin-developers wrote:
>>>>>> On Feb 9 09:19, Ken Brown via Cygwin-developers wrote:
>>>>>>> On 2/9/2021 4:47 AM, Corinna Vinschen via Cygwin-developers wrote:
>>>>>>>> On Feb 8 12:39, Ken Brown via Cygwin-developers wrote:
>>>>>>>>> I've had occasion to work through dtable::dup_worker, and I'm seeing the
>>>>>>>>> potential for leaks of path_conv handles.
>>>>>>>> [...]
>>>>>>>> Nevertheless, it's a bad idea to keep this code. So the question is
>>>>>>>> this: Do we actually *need* to duplicate the conv_handle at all?
>>>>>>> I've come across one place where I think it's needed.
>>>>>>> [...]
>>>>>> Indeed, you're right. I just found that the fhandler_base::reset method
>>>>>> is only called from copyto. Given that fhandler::operator= already
>>>>>> calls path_conv::operator=, and that duplicates the conv handle, why
>>>>>> call path_conv::operator<< from fhandler_base::reset at all? It looks
>>>>>> like this is only duplicating what already has been done.
>>>>>
>>>>> I think that's right. It looks like operator<< differs from operator= only
>>>>> in being careful not to overwrite an existing path. So I can't see that it
>>>>> ever makes sense to call operator<< right after calling operator=.
>>>>
>>>> It might be helpful not only to move reset to a protected inline method,
>>>> but also to rename it, making entirely clear that this is just a copyto
>>>> helper and nothing else. I. e., something like _copyto_reset_helper().
>> [...]
>> Trying to make _copyto_reset_helper() protected leads to errors like this:
>>
>> In file included from ../../../../newlib-cygwin/winsup/cygwin/spawn.cc:22:
>> ../../../../newlib-cygwin/winsup/cygwin/fhandler.h: In member function
>> ‘virtual void fhandler_pty_master::copyto(fhandler_base*)’:
>> ../../../../newlib-cygwin/winsup/cygwin/fhandler.h:2461:30: error: ‘void
>> fhandler_base::_copyto_reset_helper()’ is protected within this context
>> 2461 | x->_copyto_reset_helper ();
>>
>> As usual, my C++ knowledge is limited, but I guess the issue is that we're
>> calling _copyto_reset_helper() on behalf of x. As an experiment, I removed
>> 'x->', and the error message went away. I don't fully understand this. Do
>> you see an easy way around it, or should I just leave _copyto_reset_helper()
>> public?
>
> There's no easy way as such. I think the right approach is to turn the
> copy-to method into a copy-from method, modifying "this", rather than
> another object given as parameter. This is a more object-oriented
> approach, IMHO. This also automagically fixes the problem that a
> protected method can't be called in this context.
>
> Here's a patch fixing it this way. Can you please review it and see
> if I missed something?
>
> Actually, on second thought, this should be split into two patches, one
> removing the call to path_conv::operator<<, and the other one
> reshuffling the code. If the patch is ok, I'll do that before pushing
> it.
LGTM. I agree that this is a better approach. My only other suggestion is that
you consider removing path_conv::reset_conv_handle and replacing its two uses by
close_conv_handle. Again this is to avoid the appearance of a handle leak, even
though I'm pretty sure that the handle is always NULL when this is called.
Ken
More information about the Cygwin-developers
mailing list