Hi,

syslogd tries to ignore EAGAIN for tty.  Unfortunately it closes
the file descriptor before checking the errno.  So f_file contains
a bad file descriptor that may be reused at the next open.

I think f_file should not be closed if the errno is EAGAIN.

If I move the close down, f_file is overwritten in all cases.

ok?

bluhm

Index: usr.sbin/syslogd/syslogd.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.246
diff -u -p -r1.246 syslogd.c
--- usr.sbin/syslogd/syslogd.c  12 Sep 2017 15:17:20 -0000      1.246
+++ usr.sbin/syslogd/syslogd.c  16 Sep 2017 00:16:38 -0000
@@ -2045,7 +2045,6 @@ fprintlog(struct filed *f, int flags, ch
                                break;
                        }
 
-                       (void)close(f->f_file);
                        /*
                         * Check for errors on TTY's or program pipes.
                         * Errors happen due to loss of tty or died programs.
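Review bot: With the close() gone from the top of the error path, the comment beginning "Check for errors on TTY's or program pipes" should say that f->f_file is deliberately still open at this point and is only closed once EAGAIN has been ruled out. Without that note, a later cleanup could move the close back up and reintroduce the stale descriptor described in the mail.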
@@ -2056,7 +2055,10 @@ fprintlog(struct filed *f, int flags, ch
                                 * This can happen when logging to a locked tty.
                                 */
                                break;
-                       } else if ((e == EIO || e == EBADF) &&
+                       }
+
+                       (void)close(f->f_file);
+                       if ((e == EIO || e == EBADF) &&
                            f->f_type != F_FILE && f->f_type != F_PIPE &&
                            !retryonce) {
                                f->f_file = priv_open_tty(f->f_un.f_fname);
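Review bot: After the relocated (void)close(f->f_file), f->f_file keeps the closed number until a following branch assigns it, and only the priv_open_tty() assignment is visible in this hunk. Setting f->f_file = -1 directly after the close would make the "overwritten in all cases" property local to these lines instead of depending on every later branch. Turning "else if" into a plain "if" is fine here because the EAGAIN branch ends in break.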
