Open all file descriptors with O_CLOEXEC to avoid leaks and races

diff --git a/zypp/PathInfo.cc b/zypp/PathInfo.cc
index 486e0b1..3c1ccf4 100644 (file)
--- a/zypp/PathInfo.cc
+++ b/zypp/PathInfo.cc
@@ -1058,7 +1058,7 @@ namespace zypp
     {
       ZIP_TYPE ret = ZT_NONE;
 
-      int fd = open( file.asString().c_str(), O_RDONLY );
+      int fd = open( file.asString().c_str(), O_RDONLY|O_CLOEXEC );
 
       if ( fd != -1 ) {
         const int magicSize = 3;

diff --git a/zypp/Repository.cc b/zypp/Repository.cc
index d67ff82..d06a7f1 100644 (file)
--- a/zypp/Repository.cc
+++ b/zypp/Repository.cc
@@ -248,7 +248,7 @@ namespace zypp
     {
       NO_REPOSITORY_THROW( Exception( "Can't add solvables to norepo." ) );
 
-      AutoDispose<FILE*> file( ::fopen( file_r.c_str(), "r" ), ::fclose );
+      AutoDispose<FILE*> file( ::fopen( file_r.c_str(), "re" ), ::fclose );
       if ( file == NULL )
       {
         file.resetDispose();
@@ -270,7 +270,7 @@ namespace zypp
       std::string command( file_r.extension() == ".gz" ? "zcat " : "cat " );
       command += file_r.asString();
 
-      AutoDispose<FILE*> file( ::popen( command.c_str(), "r" ), ::pclose );
+      AutoDispose<FILE*> file( ::popen( command.c_str(), "re" ), ::pclose );
       if ( file == NULL )
       {
         file.resetDispose();

diff --git a/zypp/TmpPath.cc b/zypp/TmpPath.cc
index dbe44e5..c338697 100644 (file)
--- a/zypp/TmpPath.cc
+++ b/zypp/TmpPath.cc
@@ -187,7 +187,7 @@ namespace zypp {
           return;
         }
 
-      int tmpFd = ::mkstemp( buf );
+      int tmpFd = ::mkostemp( buf, O_CLOEXEC );
       if ( tmpFd != -1 )
         {
           // success; create _impl

diff --git a/zypp/base/GzStream.cc b/zypp/base/GzStream.cc
index d4d5cf0..cf85951 100644 (file)
--- a/zypp/base/GzStream.cc
+++ b/zypp/base/GzStream.cc
@@ -79,12 +79,12 @@ namespace zypp
          // we expect gzdopen to handle errors of ::open
           if ( mode_r == std::ios_base::in )
          {
-            _fd = ::open( name_r, O_RDONLY );
+            _fd = ::open( name_r, O_RDONLY | O_CLOEXEC );
             _file = gzdopen( _fd, "rb" );
          }
           else if ( mode_r == std::ios_base::out )
          {
-            _fd = ::open( name_r, O_WRONLY|O_CREAT, 0666 );
+            _fd = ::open( name_r, O_WRONLY|O_CREAT|O_CLOEXEC, 0666 );
             _file = gzdopen( _fd, "wb" );
          }
           // else: not supported

diff --git a/zypp/base/Random.cc b/zypp/base/Random.cc
index 123da94..25344fa 100644 (file)
--- a/zypp/base/Random.cc
+++ b/zypp/base/Random.cc
@@ -17,7 +17,7 @@ int random_int()
   {
       unsigned int seed;
       init = true;
-      int fd = open("/dev/urandom", O_RDONLY);
+      int fd = open("/dev/urandom", O_RDONLY|O_CLOEXEC);
       if (fd < 0 || ::read(fd, &seed, sizeof(seed)) != sizeof(seed))
       {
             // No /dev/urandom... try something else.

diff --git a/zypp/media/MediaCD.cc b/zypp/media/MediaCD.cc
index 347312a..7986421 100644 (file)
--- a/zypp/media/MediaCD.cc
+++ b/zypp/media/MediaCD.cc
@@ -249,7 +249,7 @@ namespace zypp
   //
   bool MediaCD::openTray( const std::string & device_r )
   {
-    int fd = ::open( device_r.c_str(), O_RDONLY|O_NONBLOCK );
+    int fd = ::open( device_r.c_str(), O_RDONLY|O_NONBLOCK|O_CLOEXEC );
     int res = -1;
 
     if ( fd != -1)
@@ -308,7 +308,7 @@ namespace zypp
   //
   bool MediaCD::closeTray( const std::string & device_r )
   {
-    int fd = ::open( device_r.c_str(), O_RDONLY|O_NONBLOCK );
+    int fd = ::open( device_r.c_str(), O_RDONLY|O_NONBLOCK|O_CLOEXEC );
     if ( fd == -1 ) {
       WAR << "Unable to open '" << device_r << "' (" << ::strerror( errno ) << ")" << endl;
       return false;

diff --git a/zypp/media/MediaCurl.cc b/zypp/media/MediaCurl.cc
index 901ac45..46a6f26 100644 (file)
--- a/zypp/media/MediaCurl.cc
+++ b/zypp/media/MediaCurl.cc
@@ -1220,7 +1220,7 @@ void MediaCurl::doGetFileCopy( const Pathname & filename , const Pathname & targ
       ZYPP_THROW(MediaSystemException(url, "out of memory for temp file name"));
     }
 
-    int tmp_fd = ::mkstemp( buf );
+    int tmp_fd = ::mkostemp( buf, O_CLOEXEC );
     if( tmp_fd == -1)
     {
       free( buf);
@@ -1230,7 +1230,7 @@ void MediaCurl::doGetFileCopy( const Pathname & filename , const Pathname & targ
     destNew = buf;
     free( buf);
 
-    FILE *file = ::fdopen( tmp_fd, "w" );
+    FILE *file = ::fdopen( tmp_fd, "we" );
     if ( !file ) {
       ::close( tmp_fd);
       filesystem::unlink( destNew );

diff --git a/zypp/media/MediaMultiCurl.cc b/zypp/media/MediaMultiCurl.cc
index c0b14ce..ad12210 100644 (file)
--- a/zypp/media/MediaMultiCurl.cc
+++ b/zypp/media/MediaMultiCurl.cc
@@ -479,7 +479,7 @@ multifetchworker::checkdns()
       struct addrinfo *ai, aihints;
       memset(&aihints, 0, sizeof(aihints));
       aihints.ai_family = PF_UNSPEC;
-      int tstsock = socket(PF_INET6, SOCK_DGRAM, 0);
+      int tstsock = socket(PF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0);
       if (tstsock == -1)
        aihints.ai_family = PF_INET;
       else
@@ -1203,7 +1203,7 @@ static bool looks_like_metalink(const Pathname & file)
 {
   char buf[256], *p;
   int fd, l;
-  if ((fd = open(file.asString().c_str(), O_RDONLY)) == -1)
+  if ((fd = open(file.asString().c_str(), O_RDONLY|O_CLOEXEC)) == -1)
     return false;
   while ((l = read(fd, buf, sizeof(buf) - 1)) == -1 && errno == EINTR)
     ;
@@ -1246,7 +1246,7 @@ void MediaMultiCurl::doGetFileCopy( const Pathname & filename , const Pathname &
     ZYPP_THROW(MediaSystemException(url, "out of memory for temp file name"));
   }
 
-  int tmp_fd = ::mkstemp( buf );
+  int tmp_fd = ::mkostemp( buf, O_CLOEXEC );
   if( tmp_fd == -1)
   {
     free( buf);
@@ -1256,7 +1256,7 @@ void MediaMultiCurl::doGetFileCopy( const Pathname & filename , const Pathname &
   destNew = buf;
   free( buf);
 
-  FILE *file = ::fdopen( tmp_fd, "w" );
+  FILE *file = ::fdopen( tmp_fd, "we" );
   if ( !file ) {
     ::close( tmp_fd);
     filesystem::unlink( destNew );
@@ -1344,7 +1344,7 @@ void MediaMultiCurl::doGetFileCopy( const Pathname & filename , const Pathname &
          MediaBlockList bl = mlp.getBlockList();
          vector<Url> urls = mlp.getUrls();
          DBG << bl << endl;
-         file = fopen(destNew.c_str(), "w+");
+         file = fopen(destNew.c_str(), "w+e");
          if (!file)
            ZYPP_THROW(MediaWriteException(destNew));
          if (PathInfo(target).isExist())
@@ -1393,7 +1393,7 @@ void MediaMultiCurl::doGetFileCopy( const Pathname & filename , const Pathname &
              filesystem::unlink(destNew);
              ZYPP_RETHROW(ex);
            }
-         file = fopen(destNew.c_str(), "w+");
+         file = fopen(destNew.c_str(), "w+e");
          if (!file)
            ZYPP_THROW(MediaWriteException(destNew));
          MediaCurl::doGetFileCopyFile(filename, dest, file, report, options | OPTION_NO_REPORT_START);

diff --git a/zypp/media/Mount.cc b/zypp/media/Mount.cc
index 516af14..5a9531d 100644 (file)
--- a/zypp/media/Mount.cc
+++ b/zypp/media/Mount.cc
@@ -302,7 +302,7 @@ Mount::getEntries(const std::string &mtab)
     {
       DBG << "Reading mount table from '" << *t << "'" << std::endl;
     }
-    FILE *fp = setmntent(t->c_str(), "r");
+    FILE *fp = setmntent(t->c_str(), "re");
     if( fp)
     {
       char          buf[PATH_MAX * 4];

diff --git a/zypp/target/modalias/Modalias.cc b/zypp/target/modalias/Modalias.cc
index a1b1605..ae7c919 100644 (file)
--- a/zypp/target/modalias/Modalias.cc
+++ b/zypp/target/modalias/Modalias.cc
@@ -115,7 +115,7 @@ read_modalias(const char *dir, const char *file, void *arg)
                return 0;
        }
        snprintf(path, sizeof(path), "%s/%s", dir, file);
-       if ((fd = open(path, O_RDONLY)) == -1)
+       if ((fd = open(path, O_RDONLY|O_CLOEXEC)) == -1)
                return 0;
        len = read(fd, modalias, sizeof(modalias) - 1);
        if (len < 0)