From 92089907ee254020fe807666898fc980677b2c82 Mon Sep 17 00:00:00 2001
From: Ashwin Naren <arihant2math@gmail.com>
Date: Mon, 30 Mar 2026 11:10:01 -0700
Subject: [PATCH] sys_pipe2: prevent file descriptor leak on copy_to_user
 failure

---
 src/fs/pipe.rs | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/fs/pipe.rs b/src/fs/pipe.rs
index f6a07cd0..ff592d31 100644
--- a/src/fs/pipe.rs
+++ b/src/fs/pipe.rs
@@ -283,9 +283,14 @@ pub async fn sys_pipe2(ctx: &ProcessCtx, fds: TUA<[Fd; 2]>, flags: u32) -> Resul
         (read_fd, write_fd)
     };
 
-    // TODO: What if the copy fails here, we've leaked the above file
-    // descriptors.
-    copy_to_user(fds, [read_fd as _, write_fd as _]).await?;
+    // copy_to_user will only EFAULT
+    if let Err(e) = copy_to_user(fds, [read_fd as _, write_fd as _]).await {
+        // Clean up the file descriptors we created.
+        let mut fds = ctx.task().fd_table.lock_save_irq();
+        fds.remove(read_fd);
+        fds.remove(write_fd);
+        return Err(e);
+    }
 
     Ok(0)
 }