ref: 4fa6ca6696185364c89c772a927e6204cb916e3b
parent: d5b27c7ba6eac4bf7e1457c6fa5b420f6eed6aa3
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Thu Jul 23 18:56:49 EDT 2015
kernel: make sure fd is in range in fdclose() as the Fgrp can be shared with other processes, we have to recheck the fd index after locking the Fgrp in fdclose() to make sure not to read beyond the bounds of the fd array.
--- a/sys/src/9/port/sysfile.c
+++ b/sys/src/9/port/sysfile.c
@@ -294,7 +294,7 @@
Fgrp *f = up->fgrp;
lock(f);
- c = f->fd[fd];
+ c = fd <= f->maxfd ? f->fd[fd] : nil;
if(c == nil || (flag != 0 && (c->flag&flag) == 0)){unlock(f);
return;
--
⑨