system: sysupgrade: close input side of pipe before reading

When /usr/libexec/validate_firmware_image is not present on the system
procd will hang indefinitely on the read() since the input side of the
pipe is still open.

Also fix pipe file descriptor leak when fork() fails.

Signed-off-by: Dustin Lundquist <[email protected]>
Acked-by: Rafał Miłecki <[email protected]>

diff --git a/system.c b/system.c
index 9879bca76a2750fb821b336cad40ace449a03860..65d3f09b7fb6d294aa9a8cb25a54e9ad5446b955 100644 (file)
--- a/system.c
+++ b/system.c
@@ -434,6 +434,8 @@ static int validate_firmware_image_call(const char *file)
 
        switch (fork()) {
        case -1:
+               close(fds[0]);
+               close(fds[1]);
                return -errno;
        case 0:
                /* Set stdin & stderr to /dev/null */
@@ -454,11 +456,11 @@ static int validate_firmware_image_call(const char *file)
        }
 
        /* Parent process */
+       close(fds[1]);
 
        tok = json_tokener_new();
        if (!tok) {
                close(fds[0]);
-               close(fds[1]);
                return -ENOMEM;
        }
 
@@ -476,7 +478,6 @@ static int validate_firmware_image_call(const char *file)
        }
 
        close(fds[0]);
-       close(fds[1]);
 
        err = -ENOENT;
        if (jsobj) {