fix: open file decriptors #4831
Conversation
| DEFER_CLEANUP(struct s2n_test_io_pair io_pair = { 0 }, s2n_io_pair_close); | ||
| struct s2n_test_io_pair io_pair = { 0 }; |
There was a problem hiding this comment.
Why doesn't s2n_io_pair_close() close both the client and server file descriptors? Is it because s2n_io_pair_close() will abort if the client is already closed?
| @@ -573,6 +573,8 @@ int main(int argc, char **argv) | |||
| S2N_ERR_CLOSED); | |||
| EXPECT_FALSE(s2n_connection_check_io_status(receiver, S2N_IO_READABLE)); | |||
| } | |||
| /* Close the other end of pipe */ | |||
| EXPECT_SUCCESS(s2n_io_pair_close_one_end(&io_pair, 1 - mode)); | |||
There was a problem hiding this comment.
nit - S2N_PEER_MODE makes this slightly clearer:
| EXPECT_SUCCESS(s2n_io_pair_close_one_end(&io_pair, 1 - mode)); | |
| EXPECT_SUCCESS(s2n_io_pair_close_one_end(&io_pair, S2N_PEER_MODE(mode))); |
| /* Clean up with previously set functions */ | ||
| POSIX_GUARD_RESULT(s2n_rand_cleanup()); |
There was a problem hiding this comment.
I think I understand what's happening here but want to make sure: it looks like check_drgb_version sets custom rand callbacks:
s2n-tls/tests/unit/s2n_drbg_test.c
Lines 298 to 299 in ce0234e
But since our default rand callback was already initialized, /dev/urandom was already opened. So when we go to cleanup in END_TEST, the nist_fake_entropy_init_cleanup callback is invoked, which does nothing. So /dev/urandom remains open. And this change sets the rand callbacks back to default so that the proper cleanup function is invoked. Is that correct?
If so, I think a better fix for this would be to properly call s2n_rand_set_callbacks before s2n_init(), like the documentation describes:
Lines 586 to 588 in ce0234e
So the proposal would be to remove the s2n_rand_set_callbacks() call in check_drgb_version(), and instead call s2n_cleanup(), s2n_rand_set_callbacks(), and s2n_init() whenever a new rand callback is needed. Otherwise, this relies on s2n_rand_cleanup() being called twice (once manually and once in s2n_cleanup) in order to properly clean up its state, which seems wrong.
| /* Clean up urandom of the child process */ | ||
| POSIX_GUARD_RESULT(s2n_rand_cleanup()); |
There was a problem hiding this comment.
I think this should probably just be calling s2n_cleanup?
| /* Clean up urandom of the child process */ | |
| POSIX_GUARD_RESULT(s2n_rand_cleanup()); | |
| EXPECT_SUCCESS(s2n_cleanup()); |
| /* Child process exit don't close io_pair properly, so manually close it*/ | ||
| EXPECT_SUCCESS(s2n_io_pair_close(&io_pair)); |
There was a problem hiding this comment.
Would this work if the io_pair was created in a scope that ends before the exit call? Something like this maybe?
{
DEFER_CLEANUP(struct s2n_test_io_pair io_pair = { 0 }, s2n_io_pair_close);
EXPECT_SUCCESS(s2n_io_pair_init(&io_pair));
uint8_t counter = 0;
int result = 0;
S2N_IO_RETRY_EINTR(result,
s2n_test_real_interrupt(io_pair.client, n_times, &counter));
EXPECT_EQUAL(result, S2N_TEST_SUCCESS);
EXPECT_EQUAL(counter, n_times);
}
exit(0);
| @@ -208,6 +208,7 @@ static S2N_RESULT s2n_run_self_talk_test(s2n_test_scenario scenario_fn) | |||
| EXPECT_SUCCESS(s2n_connection_free(client)); | |||
| EXPECT_SUCCESS(s2n_cert_chain_and_key_free(chain_and_key)); | |||
| EXPECT_SUCCESS(s2n_config_free(config)); | |||
| EXPECT_SUCCESS(s2n_io_pair_close_one_end(&io_pair, S2N_CLIENT)); | |||
There was a problem hiding this comment.
Should there still be a DEFER_CLEANUP on this io_pair?
|
I will divide this PR into three different smaller PRs. This PR will be closed. |
Resolved issues:
Partially solve #4005.
Description of changes:
s2n_io_pair_closeands2n_io_pair_close_one_endto close all openedAF_UNIXsocket./dev/urandom.Call-outs:
Testing:
--track-fds=yesto CTest memcheck and direct all Valgrind output toMemoryTester.logfiles.AF_UNIXor/dev/urandom. Nothing was captured../codebuild/bin/test_exec_leak.sh.s2n-tls/codebuild/bin/test_exec_leak.sh
Lines 82 to 97 in 6bb195c
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.