basic: be more careful when closing fds based on RLIMIT_NOFILE

Let's make sure we properly handle cases where RLIMIT_NOFILE is set to infinity, zero or values outside of the "int" range.
2018-05-07 17:54:59 +02:00 · 2018-05-07 17:54:59 +02:00 · 37bc14de5b
parent 1752d69a8b
commit 37bc14de5b
1 changed files with 11 additions and 4 deletions
--- a/src/basic/fd-util.c
+++ b/src/basic/fd-util.c
@ -199,15 +199,22 @@ int close_all_fds(const int except[], size_t n_except) {

        d = opendir("/proc/self/fd");
        if (!d) {
-                int fd;
                struct rlimit rl;
+                int fd, max_fd;

-                /* When /proc isn't available (for example in chroots)
-                 * the fallback is brute forcing through the fd
+                /* When /proc isn't available (for example in chroots) the fallback is brute forcing through the fd
                 * table */

                assert_se(getrlimit(RLIMIT_NOFILE, &rl) >= 0);
-                for (fd = 3; fd < (int) rl.rlim_max; fd ++) {
+
+                if (rl.rlim_max == 0)
+                        return -EINVAL;
+
+                /* Let's take special care if the resource limit is set to unlimited, or actually larger than the range
+                 * of 'int'. Let's avoid implicit overflows. */
+                max_fd = (rl.rlim_max == RLIM_INFINITY || rl.rlim_max > INT_MAX) ? INT_MAX : (int) (rl.rlim_max - 1);
+
+                for (fd = 3; fd >= 0; fd = fd < max_fd ? fd + 1 : -1) {
                        int q;

                        if (fd_in_set(fd, except, n_except))