MFH: r445016

x11/libxshmfence: don't leak /tmp/shmfd* files with O_CLOEXEC

- Both mkostemp() and mkstemp() need explicit call to unlink()
- Unobfuscate fallback if both O_TMPFILE and mksotemp() are N/A
- O_TMPFILE (Linux-only) appeared after O_CLOEXEC, no need to check

PR:		217676 (for tracking)
Approved by:	ports-secteam (junovitch)

2 files changed, 10 insertions, 20 deletions

diff --git a/x11/libxshmfence/Makefile b/x11/libxshmfence/Makefile
index bbe463f..d325e00 100644
--- a/x11/libxshmfence/Makefile
+++ b/x11/libxshmfence/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=	libxshmfence
 PORTVERSION=	1.2
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	x11
 
 MAINTAINER=	x11@FreeBSD.org
diff --git a/x11/libxshmfence/files/patch-src__xshmfence_alloc.c b/x11/libxshmfence/files/patch-src__xshmfence_alloc.c
index ea14877..e6e0df9 100644
--- a/x11/libxshmfence/files/patch-src__xshmfence_alloc.c
+++ b/x11/libxshmfence/files/patch-src__xshmfence_alloc.c
@@ -1,24 +1,14 @@
 --- src/xshmfence_alloc.c.orig	2015-03-04 15:28:23 UTC
 +++ src/xshmfence_alloc.c
-@@ -67,15 +67,19 @@ int
- xshmfence_alloc_shm(void)
- {
- 	char	template[] = SHMDIR "/shmfd-XXXXXX";
--	int	fd;
-+	int	fd = -1;
- 
- #if HAVE_MEMFD_CREATE
- 	fd = memfd_create("xshmfence", MFD_CLOEXEC|MFD_ALLOW_SEALING);
- 	if (fd < 0)
- #endif
- 	{
--#ifdef O_TMPFILE
-+#if defined(O_CLOEXEC)
-+#if defined(HAVE_MKOSTEMP)
-+		fd = mkostemp(template, O_CLOEXEC);
-+#elif defined(O_TMPFILE)
- 		fd = open(SHMDIR, O_TMPFILE|O_RDWR|O_CLOEXEC|O_EXCL, 0666);
-+#endif
+@@ -79,7 +79,11 @@ xshmfence_alloc_shm(void)
  		if (fd < 0)
  #endif
  		{
++#ifdef HAVE_MKOSTEMP
++			fd = mkostemp(template, O_CLOEXEC);
++#else
+ 			fd = mkstemp(template);
++#endif
+ 			if (fd < 0)
+ 				return fd;
+ 			unlink(template);