git: DragonFly_RELEASE_4_6 libc - Fix numerous fork/exec*() leaks, also add mkostemp() and mkostemps().
Matthew Dillon
dillon at crater.dragonflybsd.org
Wed Jul 27 12:56:47 PDT 2016
commit 9b71f91c88d98e7168b0868d46e3b8ef4e32661a
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Wed Jul 27 11:13:44 2016 -0700
libc - Fix numerous fork/exec*() leaks, also add mkostemp() and mkostemps().
* Use O_CLOEXEC in many places to prevent temporary descriptors from leaking
into fork/exec'd code (e.g. in multi-threaded situations).
* Note that the popen code will close any other popen()'d descriptors in
the child process that it forks just prior to exec. However, there was
a descriptor leak where another thread issuing popen() at the same time
could leak the descriptors into their exec.
Use O_CLOEXEC to close this hole.
* popen() now accepts the 'e' flag (i.e. "re") to retain O_CLOEXEC in the
returned descriptor. Normal "r" (etc) will clear O_CLOEXEC in the returned
descriptor.
Note that normal "r" modes are still fine for most use cases since popen
properly closes other popen()d descriptors in the fork(). BUT!! If the
threaded program calls exec*() in other ways, such descriptors may
unintentionally be passed onto sub-processes. So consider using "re".
* Add mkostemp() and mkostemps() to allow O_CLOEXEC to be passed in,
closing a thread race that would otherwise leak the temporary descriptor
into other fork/exec()s.
Taken-from: Mostly taken from FreeBSD
Summary of changes:
include/stdlib.h | 2 ++
lib/libc/db/btree/bt_open.c | 5 +++--
lib/libc/db/db/db.c | 2 +-
lib/libc/db/hash/hash.c | 2 +-
lib/libc/db/hash/hash_page.c | 3 ++-
lib/libc/db/recno/rec_open.c | 2 +-
lib/libc/gen/arc4random.c | 2 +-
lib/libc/gen/getcap.c | 2 +-
lib/libc/gen/nlist.c | 2 +-
lib/libc/gen/popen.c | 17 ++++++++++++++---
lib/libc/gen/readpassphrase.c | 2 +-
lib/libc/gen/syslog.c | 2 +-
lib/libc/gen/wordexp.c | 4 +++-
lib/libc/gmon/gmon.c | 4 ++--
lib/libc/stdio/Symbol.map | 5 +++++
lib/libc/stdio/fdopen.c | 4 ++++
lib/libc/stdio/freopen.c | 16 +++++++++++++---
lib/libc/stdio/mktemp.3 | 22 ++++++++++++++++++++++
lib/libc/stdio/mktemp.c | 33 +++++++++++++++++++++++++++------
lib/libc/yp/yplib.c | 2 +-
20 files changed, 106 insertions(+), 27 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9b71f91c88d98e7168b0868d46e3b8ef4e32661a
--
DragonFly BSD source repository
More information about the Commits
mailing list