summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2010-09-28 18:40:49 +0200
committerVolker Lendecke <vl@samba.org>2010-09-28 19:22:50 +0200
commita3e211ca3f6bc0335170546648ebcc54a1db1ef4 (patch)
tree76657a76e3aac2bf05d1d10dcd668e59c93c9832 /source3/smbd
parent51bc104c5c2e8f23fab1c599a7ec3e4291165244 (diff)
downloadsamba-a3e211ca3f6bc0335170546648ebcc54a1db1ef4.tar.gz
samba-a3e211ca3f6bc0335170546648ebcc54a1db1ef4.tar.bz2
samba-a3e211ca3f6bc0335170546648ebcc54a1db1ef4.zip
s3: Attempt to fix bug 7518
If select returns -1, we can't rely on the fd sets. The current code might loop endlessly because when putting an invalid fd (the closed socket?) on the read set, a select implementation might choose not to touch it but directly return with EINVAL. Thus run_events will see the socket readable, which leads to a "return true", and thus a NT_STATUS_RETRY -> same game again. We should never get into this situation, but to me the logfiles given in bug 7518 do not reveal enough information to understand how this can happen.
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/process.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 66be77efce..4db54f39c0 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -991,6 +991,12 @@ static NTSTATUS smbd_server_connection_loop_once(struct smbd_server_connection *
errno = sav;
}
+ /* Check if error */
+ if (selrtn == -1) {
+ /* something is wrong. Maybe the socket is dead? */
+ return map_nt_error_from_unix(errno);
+ }
+
if ((conn->smb1.echo_handler.trusted_fd != -1)
&& FD_ISSET(conn->sock, &r_fds)
&& FD_ISSET(conn->smb1.echo_handler.trusted_fd, &r_fds)) {
@@ -1006,12 +1012,6 @@ static NTSTATUS smbd_server_connection_loop_once(struct smbd_server_connection *
return NT_STATUS_RETRY;
}
- /* Check if error */
- if (selrtn == -1) {
- /* something is wrong. Maybe the socket is dead? */
- return map_nt_error_from_unix(errno);
- }
-
/* Did we timeout ? */
if (selrtn == 0) {
return NT_STATUS_RETRY;