From: Mark W. <ma...@so...> - 2025-07-04 22:58:45
https://sourceware.org/cgit/valgrind/commit/?id=0dbd164e1767dc29a6e0ea8d2c86b02d6913043b commit 0dbd164e1767dc29a6e0ea8d2c86b02d6913043b Author: Mark Wielaard <ma...@kl...> Date: Sat Jul 5 00:51:36 2025 +0200 Check dup2 oldfd before allowing the syscall The dup201 LTP test fails with TFAIL: dup2(1024, 5) succeeded That is because 1024 here is the soft file limit (so one higher than the max number of fds). Valgrind raises the soft limit a little internally to have a few private fds for itself. So this dup2 call succeeds (and possibly dups and internal valgrind fd into the newfd). We should check the oldfd before allowing the dup2 syscall, like we already check the newfd. Diff: --- coregrind/m_syswrap/syswrap-generic.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/coregrind/m_syswrap/syswrap-generic.c b/coregrind/m_syswrap/syswrap-generic.c index f8d73e1973..50deb1e764 100644 --- a/coregrind/m_syswrap/syswrap-generic.c +++ b/coregrind/m_syswrap/syswrap-generic.c @@ -3758,6 +3758,8 @@ PRE(sys_dup2) { PRINT("sys_dup2 ( %" FMT_REGWORD "u, %" FMT_REGWORD "u )", ARG1, ARG2); PRE_REG_READ2(long, "dup2", unsigned int, oldfd, unsigned int, newfd); + if (!ML_(fd_allowed)(ARG1, "dup2", tid, False)) + SET_STATUS_Failure( VKI_EBADF ); if (!ML_(fd_allowed)(ARG2, "dup2", tid, True)) SET_STATUS_Failure( VKI_EBADF ); } |
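Review bot: In PRE(sys_dup2) the new oldfd check passes False as the last argument to ML_(fd_allowed) while the existing newfd check passes True, and nothing in the hunk explains the difference; a one-line comment saying what that flag means for oldfd versus newfd would make the asymmetry reviewable. The two if statements are also independent, so when ARG1 is rejected the ARG2 check still runs and can set VKI_EBADF a second time; turning the second into an else if, or joining both conditions with ||, would stop at the first failure. The diffstat shows only syswrap-generic.c changing, so a small regression test that calls dup2 with oldfd equal to the soft file limit would keep this behaviour covered without relying on the LTP dup201 test alone.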