/*---------------------------------------------------------------------*/ tree_cell * nasl_close_socket(lex_ctxt * lexic) { int soc; int type; int opt_len = sizeof(type); int e; soc = get_int_var_by_num(lexic, 0, -1); if(soc <= 4) { nasl_perror(lexic, "close(): invalid argument\n"); return NULL; } if ( fd_is_stream(soc) ) { return close_stream_connection(soc) < 0 ? NULL:FAKE_CELL; } e = getsockopt(soc, SOL_SOCKET, SO_TYPE, &type, &opt_len); if(e == 0 ) { if (type == SOCK_DGRAM) { rm_udp_data(lexic->script_infos, soc); return FAKE_CELL; } closesocket(soc); return FAKE_CELL; } else nasl_perror(lexic, "close(): invalid argument\n"); return NULL; }
/*---------------------------------------------------------------------*/ tree_cell * nasl_close_socket (lex_ctxt * lexic) { int soc; int type; unsigned int opt_len = sizeof (type); int e; soc = get_int_var_by_num (lexic, 0, -1); /* XXX: These are thoughts expressed on the openvas-devel mailing list 2008-08-06: * * nasl_close_socket seems to be the only place in nasl/nasl_socket.c where the * value of the socket filedescriptor is checked in this way. That in itself is * strange. Why only there? Also, why can't the socket fd be less than 4? I * could sort of understand 3 (0, 1, 2 are already taken by the standard * streams) but 4? Does the openvas server and/or the NASL interpreter guarantee * that at least one other file is open? * * My guess is that the check is there to prevent NASL scripts from closing file * descriptors needed by openvas/NASL which includes the ones it uses for * accessing the knowledgebase. If that's the case, then the test has too much * knowledge of the circumstances under which the NASL interpreter runs. It * should be moved to a separate function whose behavior can be influenced by * the program embedding the NASL interpreter. Other functions should probably * also check the descriptors. * * I also wonder whether the original code (disallowing any file descriptor <= 4) * actually was correct and the real defect is that open_sock_udp actually * returned 4. Under which circumstances does it actually do that? In my brief * tests with the stand-alone nasl interpreter the smallest number it returned * was 5. */ if (soc < 4) { nasl_perror (lexic, "close(): invalid argument\n"); return NULL; } if (fd_is_stream (soc)) return close_stream_connection (soc) < 0 ? NULL : FAKE_CELL; e = getsockopt (soc, SOL_SOCKET, SO_TYPE, &type, &opt_len); if (e == 0) { if (type == SOCK_DGRAM) { rm_udp_data (lexic->script_infos, soc); return FAKE_CELL; } close (soc); return FAKE_CELL; } else nasl_perror (lexic, "close(): invalid argument\n"); return NULL; }