From d64a32e03b4d9a1336ebfa66d7d08d96e9847a6a Mon Sep 17 00:00:00 2001 From: Tavian Barnes Date: Thu, 12 Oct 2023 15:50:59 -0400 Subject: bftw: Make sure we don't close a directory while we unwrap it bftw_cache_reserve() can lead to bftw_cache_pop(), which could close the directory we're trying to unwrap! If that happened, we would try dup_cloexec(-1), which would fail with EBADF, so there was no observable bug. But it's better to avoid the whole situation. --- src/bftw.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/bftw.c b/src/bftw.c index 1995e12..06a0085 100644 --- a/src/bftw.c +++ b/src/bftw.c @@ -811,8 +811,12 @@ static int bftw_unwrapdir(struct bftw_state *state, struct bftw_file *file) { return bftw_close(state, file); } - if (bftw_cache_reserve(state) != 0) { - return -1; + // Make room for dup() + bftw_cache_pin(cache, file); + int ret = bftw_cache_reserve(state); + bftw_cache_unpin(cache, file); + if (ret != 0) { + return ret; } int fd = dup_cloexec(file->fd); -- cgit v1.2.3