diff options
| author | Dan McGee <dan@archlinux.org> | 2014-01-02 19:37:12 +0100 |
|---|---|---|
| committer | Allan McRae <allan@archlinux.org> | 2014-01-06 05:38:50 +0100 |
| commit | 086bbc5b623d08df9ffe595bd5ee965e668a4ae1 (patch) | |
| tree | 894ba4ccad5f33bb497329c1c75a8200b9109b09 /lib/libalpm/util.c | |
| parent | 8bec8a3f6a09155827aa8c3287f6d814c6912717 (diff) | |
| download | pacman-086bbc5b623d08df9ffe595bd5ee965e668a4ae1.tar.gz pacman-086bbc5b623d08df9ffe595bd5ee965e668a4ae1.tar.xz | |
Use O_CLOEXEC as much as possible when opening files
When calling open(), use O_CLOEXEC as much as possible to ensure the
file descriptor is closed when and if a process using libalpm forks.
For most of these cases, and especially in utility functions, the file
descriptor is opened and closed in the same function, so we don't have
too much to worry about. However, for things like the log file and
database lock file, we should ensure descriptors aren't left hanging
around for children to touch.
This patch is inspired by the problem in FS#36161, where an open file
descriptor to the current working directory prevents chroot() from
working on FreeBSD. We don't need this file descriptor in the child
process, so open it (and now several others) with O_CLOEXEC.
Signed-off-by: Dan McGee <dan@archlinux.org>
Signed-off-by: Allan McRae <allan@archlinux.org>
Diffstat (limited to 'lib/libalpm/util.c')
| -rw-r--r-- | lib/libalpm/util.c | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c index ab407613..f28404d7 100644 --- a/lib/libalpm/util.c +++ b/lib/libalpm/util.c @@ -153,9 +153,9 @@ int _alpm_copyfile(const char *src, const char *dest) MALLOC(buf, (size_t)ALPM_BUFFER_SIZE, return 1); - OPEN(in, src, O_RDONLY); + OPEN(in, src, O_RDONLY | O_CLOEXEC); do { - out = open(dest, O_WRONLY | O_CREAT, 0000); + out = open(dest, O_WRONLY | O_CREAT | O_BINARY | O_CLOEXEC, 0000); } while(out == -1 && errno == EINTR); if(in < 0 || out < 0) { goto cleanup; @@ -244,7 +244,7 @@ int _alpm_open_archive(alpm_handle_t *handle, const char *path, archive_read_support_format_all(*archive); _alpm_log(handle, ALPM_LOG_DEBUG, "opening archive %s\n", path); - OPEN(fd, path, O_RDONLY); + OPEN(fd, path, O_RDONLY | O_CLOEXEC); if(fd < 0) { _alpm_log(handle, ALPM_LOG_ERROR, _("could not open file %s: %s\n"), path, strerror(errno)); @@ -326,7 +326,7 @@ int _alpm_unpack(alpm_handle_t *handle, const char *path, const char *prefix, oldmask = umask(0022); /* save the cwd so we can restore it later */ - OPEN(cwdfd, ".", O_RDONLY); + OPEN(cwdfd, ".", O_RDONLY | O_CLOEXEC); if(cwdfd < 0) { _alpm_log(handle, ALPM_LOG_ERROR, _("could not get current working directory\n")); } @@ -502,7 +502,7 @@ int _alpm_run_chroot(alpm_handle_t *handle, const char *cmd, char *const argv[]) int retval = 0; /* save the cwd so we can restore it later */ - OPEN(cwdfd, ".", O_RDONLY); + OPEN(cwdfd, ".", O_RDONLY | O_CLOEXEC); if(cwdfd < 0) { _alpm_log(handle, ALPM_LOG_ERROR, _("could not get current working directory\n")); } @@ -778,7 +778,7 @@ static int md5_file(const char *path, unsigned char output[16]) MALLOC(buf, (size_t)ALPM_BUFFER_SIZE, return 1); - OPEN(fd, path, O_RDONLY); + OPEN(fd, path, O_RDONLY | O_CLOEXEC); if(fd < 0) { free(buf); return 1; @@ -820,7 +820,7 @@ static int sha2_file(const char *path, unsigned char output[32], int is224) MALLOC(buf, (size_t)ALPM_BUFFER_SIZE, return 1); - OPEN(fd, path, O_RDONLY); + OPEN(fd, path, O_RDONLY | O_CLOEXEC); if(fd < 0) { free(buf); return 1; |