From a9e41c417a15fed1738ec7286764f0e39f6eb87f Mon Sep 17 00:00:00 2001
From: Wei Liu <liuwe@microsoft.com>
Date: Mon, 27 May 2024 06:45:56 +0000
Subject: [PATCH] vmm: add a check to avoid wrapping -1 into an owned file

Signed-off-by: Wei Liu <liuwe@microsoft.com>
---
 vmm/src/serial_manager.rs | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/vmm/src/serial_manager.rs b/vmm/src/serial_manager.rs
index 426a983f0..c1fef8a68 100644
--- a/vmm/src/serial_manager.rs
+++ b/vmm/src/serial_manager.rs
@@ -77,6 +77,10 @@ pub enum Error {
     /// Cannot remove the serial socket
     #[error("Error removing serial socket: {0}")]
     RemoveUnixSocket(#[source] io::Error),
+
+    /// Cannot duplicate file descriptor
+    #[error("Error duplicating file descriptor: {0}")]
+    DupFd(#[source] io::Error),
 }
 pub type Result<T> = result::Result<T, Error>;
 
@@ -143,7 +147,12 @@ impl SerialManager {
                 // SAFETY: trivially safe
                 if unsafe { libc::isatty(libc::STDIN_FILENO) == 1 } {
                     // SAFETY: STDIN_FILENO is a valid fd
-                    let stdin_clone = unsafe { File::from_raw_fd(libc::dup(libc::STDIN_FILENO)) };
+                    let fd = unsafe { libc::dup(libc::STDIN_FILENO) };
+                    if fd == -1 {
+                        return Err(Error::DupFd(std::io::Error::last_os_error()));
+                    }
+                    // SAFETY: fd is valid and owned by us
+                    let stdin_clone = unsafe { File::from_raw_fd(fd) };
                     // SAFETY: FFI calls with correct arguments
                     let ret = unsafe {
                         let mut flags = libc::fcntl(stdin_clone.as_raw_fd(), libc::F_GETFL);