proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-09 05:13:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #3972 from mjstapp/fix_privs_race

Browse Source 
libs: fix race in privs changes
This commit is contained in:
Donald Sharp 2019-03-22 02:32:17 -04:00 committed by GitHub
commit 6e0d7d0dbb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
lib/privs.c
View File

@ -708,19 +708,19 @@ struct zebra_privs_t *_zprivs_raise(struct zebra_privs_t *privs,
/* If we're already elevated, just return */ /* If we're already elevated, just return */
pthread_mutex_lock(&(privs->mutex)); pthread_mutex_lock(&(privs->mutex));
if (++privs->refcount > 1) { {
pthread_mutex_unlock(&(privs->mutex)); if (++(privs->refcount) == 1) {
return privs; errno = 0;
if (privs->change(ZPRIVS_RAISE)) {
zlog_err("%s: Failed to raise privileges (%s)",
funcname, safe_strerror(errno));
}
errno = save_errno;
privs->raised_in_funcname = funcname;
}
} }
pthread_mutex_unlock(&(privs->mutex)); pthread_mutex_unlock(&(privs->mutex));
errno = 0;
if (privs->change(ZPRIVS_RAISE)) {
zlog_err("%s: Failed to raise privileges (%s)",
funcname, safe_strerror(errno));
}
errno = save_errno;
privs->raised_in_funcname = funcname;
return privs; return privs;
} }
@ -733,19 +733,20 @@ void _zprivs_lower(struct zebra_privs_t **privs)
/* Don't lower privs if there's another caller */ /* Don't lower privs if there's another caller */
pthread_mutex_lock(&(*privs)->mutex); pthread_mutex_lock(&(*privs)->mutex);
if (--((*privs)->refcount) > 0) { {
pthread_mutex_unlock(&(*privs)->mutex); if (--((*privs)->refcount) == 0) {
return; errno = 0;
if ((*privs)->change(ZPRIVS_LOWER)) {
zlog_err("%s: Failed to lower privileges (%s)",
(*privs)->raised_in_funcname,
safe_strerror(errno));
}
errno = save_errno;
(*privs)->raised_in_funcname = NULL;
}
} }
pthread_mutex_unlock(&(*privs)->mutex); pthread_mutex_unlock(&(*privs)->mutex);
errno = 0;
if ((*privs)->change(ZPRIVS_LOWER)) {
zlog_err("%s: Failed to lower privileges (%s)",
(*privs)->raised_in_funcname, safe_strerror(errno));
}
errno = save_errno;
(*privs)->raised_in_funcname = NULL;
*privs = NULL; *privs = NULL;
} }