code: plan9front

ref: 497daed116714a8c3f91162fe02ca81ad33bb6fa
parent: 323184d775b92c50bb37fa0b3ae73a16138f8b7e
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Thu Jul 23 18:56:49 EDT 2015

kernel: make sure fd is in range in fdclose()

as the Fgrp can be shared with other processes, we have to
recheck the fd index after locking the Fgrp in fdclose()
to make sure not to read beyond the bounds of the fd array.

--- a/sys/src/9/port/sysfile.c
+++ b/sys/src/9/port/sysfile.c
@@ -294,7 +294,7 @@
 	Fgrp *f = up->fgrp;
 
 	lock(f);
-	c = f->fd[fd];
+	c = fd <= f->maxfd ? f->fd[fd] : nil;
 	if(c == nil || (flag != 0 && (c->flag&flag) == 0)){
 		unlock(f);
 		return;
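Review bot: the new condition on the `c = fd <= f->maxfd ? f->fd[fd] : nil;` line bounds fd only from above, and nothing visible in this hunk rejects a negative index after `lock(f)`. If fd is a signed type here and callers do not already guarantee it is non-negative, a negative value still indexes before the start of `f->fd`. Consider `c = fd >= 0 && fd <= f->maxfd ? f->fd[fd] : nil;`. A one-line comment above the check saying that the Fgrp may be shared, so the index must be revalidated under the lock, would also keep a later cleanup from removing it as redundant.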