diff options
| author | jilles <jilles@FreeBSD.org> | 2012-09-29 11:54:34 +0000 |
|---|---|---|
| committer | jilles <jilles@FreeBSD.org> | 2012-09-29 11:54:34 +0000 |
| commit | fba61ef227067b4f30ac71dee816dd39abee1c8e (patch) | |
| tree | 89610d7c33533a1abd5218d8db331931ee9e6327 /lib/libc/gen/getcap.c | |
| parent | 576f4f1ec84faf13f14984bdf7f8f07357e3ab02 (diff) | |
| download | FreeBSD-src-fba61ef227067b4f30ac71dee816dd39abee1c8e.zip FreeBSD-src-fba61ef227067b4f30ac71dee816dd39abee1c8e.tar.gz | |
libc: Use O_CLOEXEC for various internal file descriptors.
This fixes a race condition where another thread may fork() before CLOEXEC
is set, unintentionally passing the descriptor to the child process.
This commit only adds O_CLOEXEC flags to open() or openat() calls where no
fcntl(fd, F_SETFD, FD_CLOEXEC) follows. The separate fcntl() call still
leaves a race window so it should be fixed later.
Diffstat (limited to 'lib/libc/gen/getcap.c')
| -rw-r--r-- | lib/libc/gen/getcap.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libc/gen/getcap.c b/lib/libc/gen/getcap.c index 2700d3d..c321d12 100644 --- a/lib/libc/gen/getcap.c +++ b/lib/libc/gen/getcap.c @@ -264,7 +264,7 @@ getent(char **cap, u_int *len, char **db_array, int fd, const char *name, *cap = cbuf; return (retval); } else { - fd = _open(*db_p, O_RDONLY, 0); + fd = _open(*db_p, O_RDONLY | O_CLOEXEC, 0); if (fd < 0) continue; myfd = 1; |
