From c5406814b8c821a715a391764e18a86d0d2aa300 Mon Sep 17 00:00:00 2001 From: jbj Date: Mon, 23 Feb 2004 00:43:45 +0000 Subject: [PATCH] - force FD_CLOEXEC on 1st 100 inherited fdno's. CVS patchset: 7125 CVS date: 2004/02/23 00:43:45 --- CHANGES | 1 + lib/psm.c | 11 +++++++++++ rpm.spec.in | 1 + 3 files changed, 13 insertions(+) diff --git a/CHANGES b/CHANGES index e588976..4185443 100644 --- a/CHANGES +++ b/CHANGES @@ -22,6 +22,7 @@ - fix: only first "mkdir -p" directory had context set. - stable sort for policy specifications, patterns before paths. - set "rpm_script_t" exec type for scriptlets iff /bin/sh, else default. + - force FD_CLOEXEC on 1st 100 inherited fdno's. 4.2.1 -> 4.2.2: - unify signal handling in librpmio, use condvar to deliver signal. diff --git a/lib/psm.c b/lib/psm.c index 122dd76..ea06008 100644 --- a/lib/psm.c +++ b/lib/psm.c @@ -737,6 +737,8 @@ static rpmRC runScript(rpmpsm psm, Header h, const char * sln, if (psm->sq.child == 0) { const char * rootDir; int pipes[2]; + int flag; + int fdno; pipes[0] = pipes[1] = 0; /* make stdin inaccessible */ @@ -745,6 +747,15 @@ static rpmRC runScript(rpmpsm psm, Header h, const char * sln, xx = dup2(pipes[0], STDIN_FILENO); xx = close(pipes[0]); + /* XXX Force FD_CLOEXEC on 1st 100 inherited fdno's. */ + for (fdno = 3; fdno < 100; fdno++) { + flag = fcntl(fdno, F_GETFD); + if (flag == -1 || (flag & FD_CLOEXEC)) + continue; + xx = fcntl(fdno, F_SETFD, FD_CLOEXEC); + /* XXX W2DO? debug msg for inheirited fdno w/o FD_CLOEXEC */ + } + if (scriptFd != NULL) { int sfdno = Fileno(scriptFd); int ofdno = Fileno(out); diff --git a/rpm.spec.in b/rpm.spec.in index a763c69..8505a02 100644 --- a/rpm.spec.in +++ b/rpm.spec.in @@ -486,6 +486,7 @@ exit 0 - add ia32e arch. - stable sort for policy specifications, patterns before paths. - set "rpm_script_t" exec type for scriptlets iff /bin/sh, else default. +- force FD_CLOEXEC on 1st 100 inherited fdno's. * Fri Feb 20 2004 Jeff Johnson 4.3-0.13 - fix: only first "mkdir -p" directory had context set. -- 2.7.4