diff options
author | jilles <jilles@FreeBSD.org> | 2013-08-27 21:47:01 +0000 |
---|---|---|
committer | jilles <jilles@FreeBSD.org> | 2013-08-27 21:47:01 +0000 |
commit | d4eb6863876c5d0e32187cc05757e22f06c2c1e8 (patch) | |
tree | 5208f5e7776d5d70e6466b62c2be414e6c91be5e /lib | |
parent | 2b254c93081ca42c7b0fd38416fca970ae42fa66 (diff) | |
download | FreeBSD-src-d4eb6863876c5d0e32187cc05757e22f06c2c1e8.zip FreeBSD-src-d4eb6863876c5d0e32187cc05757e22f06c2c1e8.tar.gz |
wordexp(): Avoid leaking the pipe file descriptors to a parallel fork/exec.
This uses the new pipe2() system call added on May 1 (r250159).
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/gen/wordexp.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/libc/gen/wordexp.c b/lib/libc/gen/wordexp.c index c361980..377caff 100644 --- a/lib/libc/gen/wordexp.c +++ b/lib/libc/gen/wordexp.c @@ -121,7 +121,7 @@ we_askshell(const char *words, wordexp_t *we, int flags) serrno = errno; - if (pipe(pdes) < 0) + if (pipe2(pdes, O_CLOEXEC) < 0) return (WRDE_NOSPACE); /* XXX */ (void)sigemptyset(&newsigblock); (void)sigaddset(&newsigblock, SIGCHLD); @@ -140,10 +140,10 @@ we_askshell(const char *words, wordexp_t *we, int flags) * builtin on `words'. */ (void)_sigprocmask(SIG_SETMASK, &oldsigblock, NULL); - _close(pdes[0]); - if (_dup2(pdes[1], STDOUT_FILENO) < 0) + if ((pdes[1] != STDOUT_FILENO ? + _dup2(pdes[1], STDOUT_FILENO) : + _fcntl(pdes[1], F_SETFD, 0)) < 0) _exit(1); - _close(pdes[1]); execl(_PATH_BSHELL, "sh", flags & WRDE_UNDEF ? "-u" : "+u", "-c", "eval \"$1\";eval \"wordexp $2\"", "", flags & WRDE_SHOWERR ? "" : "exec 2>/dev/null", words, |