stash away SCM_RIGHTS fd until a getfd command arrives If there is already a fd in s->msgfd before recvmsg it is closed by parts that this patch does not touch. So, only one descriptor can be "leaked" by attaching it to a command other than getfd. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Luiz Capitulino <lcapitulino@redhat.com>

commit: e53f27b9d9df73461308618151fa6e6392aebd85 [log] [tgz]
author: Paolo Bonzini <pbonzini@redhat.com> Fri Apr 16 17:25:23 2010 +0200
committer: Luiz Capitulino <lcapitulino@redhat.com> Mon Apr 26 16:36:31 2010 -0300
tree: 3a43939d72679d0700c1c72abeaf1fb93c0e7e42
parent: 97331287ed2c928af6b9f31728d29ef60c3b8cd8 [diff] [blame]
diff --git a/qemu-char.c b/qemu-char.c
index 05df971..ac65a1c 100644
--- a/qemu-char.c
+++ b/qemu-char.c

@@ -2000,8 +2000,9 @@
 static int tcp_get_msgfd(CharDriverState *chr)
 {
     TCPCharDriver *s = chr->opaque;
-
-    return s->msgfd;
+    int fd = s->msgfd;
+    s->msgfd = -1;
+    return fd;
 }
 
 #ifndef _WIN32
@@ -2089,10 +2090,6 @@
             tcp_chr_process_IAC_bytes(chr, s, buf, &size);
         if (size > 0)
             qemu_chr_read(chr, buf, size);
-        if (s->msgfd != -1) {
-            close(s->msgfd);
-            s->msgfd = -1;
-        }
     }
 }
commit	e53f27b9d9df73461308618151fa6e6392aebd85	[log] [tgz]
author	Paolo Bonzini <pbonzini@redhat.com>	Fri Apr 16 17:25:23 2010 +0200
committer	Luiz Capitulino <lcapitulino@redhat.com>	Mon Apr 26 16:36:31 2010 -0300
tree	3a43939d72679d0700c1c72abeaf1fb93c0e7e42
parent	97331287ed2c928af6b9f31728d29ef60c3b8cd8 [diff] [blame]