diff options
author | jilles <jilles@FreeBSD.org> | 2013-09-06 21:02:06 +0000 |
---|---|---|
committer | jilles <jilles@FreeBSD.org> | 2013-09-06 21:02:06 +0000 |
commit | a0c0abfff1f209c44763018cdf616c7fe5f16640 (patch) | |
tree | cc3e6c5d69e4d0eee1e3bcb2c052aeb0be9035c8 /lib/libc/net/getaddrinfo.c | |
parent | 015eb27a8b0450258dd29fd9db494e07060a4a45 (diff) | |
download | FreeBSD-src-a0c0abfff1f209c44763018cdf616c7fe5f16640.zip FreeBSD-src-a0c0abfff1f209c44763018cdf616c7fe5f16640.tar.gz |
libc: Use SOCK_CLOEXEC for various internal file descriptors.
This change avoids undesirably passing some internal file descriptors to a
process created (fork+exec) by another thread.
Kernel support for SOCK_CLOEXEC was added in r248534, March 19, 2013.
Diffstat (limited to 'lib/libc/net/getaddrinfo.c')
-rw-r--r-- | lib/libc/net/getaddrinfo.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/lib/libc/net/getaddrinfo.c b/lib/libc/net/getaddrinfo.c index c6af6d8..495ebc1 100644 --- a/lib/libc/net/getaddrinfo.c +++ b/lib/libc/net/getaddrinfo.c @@ -831,7 +831,8 @@ set_source(struct ai_order *aio, struct policyhead *ph) get_port(&ai, "1", 0); /* open a socket to get the source address for the given dst */ - if ((s = _socket(ai.ai_family, ai.ai_socktype, ai.ai_protocol)) < 0) + if ((s = _socket(ai.ai_family, ai.ai_socktype | SOCK_CLOEXEC, + ai.ai_protocol)) < 0) return; /* give up */ if (_connect(s, ai.ai_addr, ai.ai_addrlen) < 0) goto cleanup; @@ -1131,7 +1132,7 @@ explore_null(const struct addrinfo *pai, const char *servname, * filter out AFs that are not supported by the kernel * XXX errno? */ - s = _socket(pai->ai_family, SOCK_DGRAM, 0); + s = _socket(pai->ai_family, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (s < 0) { if (errno != EMFILE) return 0; @@ -1541,18 +1542,19 @@ addrconfig(struct addrinfo *pai) */ af = pai->ai_family; if (af == AF_UNSPEC) { - if ((s = _socket(AF_INET6, SOCK_DGRAM, 0)) < 0) + if ((s = _socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0) af = AF_INET; else { _close(s); - if ((s = _socket(AF_INET, SOCK_DGRAM, 0)) < 0) + if ((s = _socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, + 0)) < 0) af = AF_INET6; else _close(s); } } if (af != AF_UNSPEC) { - if ((s = _socket(af, SOCK_DGRAM, 0)) < 0) + if ((s = _socket(af, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0) return 0; _close(s); } |