diff options
author | jilles <jilles@FreeBSD.org> | 2012-09-29 11:54:34 +0000 |
---|---|---|
committer | jilles <jilles@FreeBSD.org> | 2012-09-29 11:54:34 +0000 |
commit | fba61ef227067b4f30ac71dee816dd39abee1c8e (patch) | |
tree | 89610d7c33533a1abd5218d8db331931ee9e6327 /lib/libc/stdlib | |
parent | 576f4f1ec84faf13f14984bdf7f8f07357e3ab02 (diff) | |
download | FreeBSD-src-fba61ef227067b4f30ac71dee816dd39abee1c8e.zip FreeBSD-src-fba61ef227067b4f30ac71dee816dd39abee1c8e.tar.gz |
libc: Use O_CLOEXEC for various internal file descriptors.
This fixes a race condition where another thread may fork() before CLOEXEC
is set, unintentionally passing the descriptor to the child process.
This commit only adds O_CLOEXEC flags to open() or openat() calls where no
fcntl(fd, F_SETFD, FD_CLOEXEC) follows. The separate fcntl() call still
leaves a race window so it should be fixed later.
Diffstat (limited to 'lib/libc/stdlib')
-rw-r--r-- | lib/libc/stdlib/rand.c | 2 | ||||
-rw-r--r-- | lib/libc/stdlib/random.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/lib/libc/stdlib/rand.c b/lib/libc/stdlib/rand.c index 077c1ba..3835976 100644 --- a/lib/libc/stdlib/rand.c +++ b/lib/libc/stdlib/rand.c @@ -121,7 +121,7 @@ sranddev() int fd, done; done = 0; - fd = _open("/dev/random", O_RDONLY, 0); + fd = _open("/dev/random", O_RDONLY | O_CLOEXEC, 0); if (fd >= 0) { if (_read(fd, (void *) &next, sizeof(next)) == sizeof(next)) done = 1; diff --git a/lib/libc/stdlib/random.c b/lib/libc/stdlib/random.c index 6da5419..4a1af54 100644 --- a/lib/libc/stdlib/random.c +++ b/lib/libc/stdlib/random.c @@ -303,7 +303,7 @@ srandomdev(void) len = rand_deg * sizeof state[0]; done = 0; - fd = _open("/dev/random", O_RDONLY, 0); + fd = _open("/dev/random", O_RDONLY | O_CLOEXEC, 0); if (fd >= 0) { if (_read(fd, (void *) state, len) == (ssize_t) len) done = 1; |