From bc8e9b340dd17ea5756c2ff0374763d9906efc92 Mon Sep 17 00:00:00 2001 From: isaacs Date: Mon, 28 Feb 2011 12:27:51 -0800 Subject: [PATCH] Closes GH-734 Do the setuid() after chdir() --- src/node_child_process.cc | 58 ++++++++++++++++++++++++----------------------- 1 file changed, 30 insertions(+), 28 deletions(-) diff --git a/src/node_child_process.cc b/src/node_child_process.cc index 413c282..e910995 100644 --- a/src/node_child_process.cc +++ b/src/node_child_process.cc @@ -327,6 +327,36 @@ int ChildProcess::Spawn(const char *file, _exit(127); } + if (custom_fds[0] == -1) { + close(stdin_pipe[1]); // close write end + dup2(stdin_pipe[0], STDIN_FILENO); + } else { + ResetFlags(custom_fds[0]); + dup2(custom_fds[0], STDIN_FILENO); + } + + if (custom_fds[1] == -1) { + close(stdout_pipe[0]); // close read end + dup2(stdout_pipe[1], STDOUT_FILENO); + } else { + ResetFlags(custom_fds[1]); + dup2(custom_fds[1], STDOUT_FILENO); + } + + if (custom_fds[2] == -1) { + close(stderr_pipe[0]); // close read end + dup2(stderr_pipe[1], STDERR_FILENO); + } else { + ResetFlags(custom_fds[2]); + dup2(custom_fds[2], STDERR_FILENO); + } + + if (strlen(cwd) && chdir(cwd)) { + perror("chdir()"); + _exit(127); + } + + static char buf[PATH_MAX + 1]; int gid = -1; @@ -380,34 +410,6 @@ int ChildProcess::Spawn(const char *file, } - if (custom_fds[0] == -1) { - close(stdin_pipe[1]); // close write end - dup2(stdin_pipe[0], STDIN_FILENO); - } else { - ResetFlags(custom_fds[0]); - dup2(custom_fds[0], STDIN_FILENO); - } - - if (custom_fds[1] == -1) { - close(stdout_pipe[0]); // close read end - dup2(stdout_pipe[1], STDOUT_FILENO); - } else { - ResetFlags(custom_fds[1]); - dup2(custom_fds[1], STDOUT_FILENO); - } - - if (custom_fds[2] == -1) { - close(stderr_pipe[0]); // close read end - dup2(stderr_pipe[1], STDERR_FILENO); - } else { - ResetFlags(custom_fds[2]); - dup2(custom_fds[2], STDERR_FILENO); - } - - if (strlen(cwd) && chdir(cwd)) { - perror("chdir()"); - _exit(127); - } environ = env; -- 2.7.4