diff options
author | jilles <jilles@FreeBSD.org> | 2013-09-06 23:49:54 +0000 |
---|---|---|
committer | jilles <jilles@FreeBSD.org> | 2013-09-06 23:49:54 +0000 |
commit | 979e7776c1b7757d835e4ee31d87ff732f881dc8 (patch) | |
tree | eab594c17a2831e2a1fd6a4c4ee94ad9a460b1c5 /lib/libc/resolv | |
parent | 1bfbe0af368b4bd2e86e176eb139d5269d78ebdc (diff) | |
download | FreeBSD-src-979e7776c1b7757d835e4ee31d87ff732f881dc8.zip FreeBSD-src-979e7776c1b7757d835e4ee31d87ff732f881dc8.tar.gz |
libc: Make resolver sockets close-on-exec (SOCK_CLOEXEC).
Although the resolver's sockets are exposed to applications via res_state,
I do not expect them to pass the sockets across execve().
Diffstat (limited to 'lib/libc/resolv')
-rw-r--r-- | lib/libc/resolv/res_send.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/libc/resolv/res_send.c b/lib/libc/resolv/res_send.c index 716ae32..4896fe8 100644 --- a/lib/libc/resolv/res_send.c +++ b/lib/libc/resolv/res_send.c @@ -660,7 +660,8 @@ send_vc(res_state statp, if (statp->_vcsock >= 0) res_nclose(statp); - statp->_vcsock = _socket(nsap->sa_family, SOCK_STREAM, 0); + statp->_vcsock = _socket(nsap->sa_family, SOCK_STREAM | + SOCK_CLOEXEC, 0); #if !defined(USE_POLL) && !defined(USE_KQUEUE) if (statp->_vcsock > highestFD) { res_nclose(statp); @@ -851,7 +852,7 @@ send_dg(res_state statp, nsaplen = get_salen(nsap); if (EXT(statp).nssocks[ns] == -1) { EXT(statp).nssocks[ns] = _socket(nsap->sa_family, - SOCK_DGRAM, 0); + SOCK_DGRAM | SOCK_CLOEXEC, 0); #if !defined(USE_POLL) && !defined(USE_KQUEUE) if (EXT(statp).nssocks[ns] > highestFD) { res_nclose(statp); |