Author: jilles
Date: Fri Sep 6 21:02:06 2013
New Revision: 255328
URL: http://svnweb.freebsd.org/changeset/base/255328
Log:
libc: Use SOCK_CLOEXEC for various internal file descriptors.
This change avoids undesirably passing some internal file descriptors to a
process created (fork+exec) by another thread.
Kernel support for SOCK_CLOEXEC was added in r248534, March 19, 2013.
Modified:
head/lib/libc/net/getaddrinfo.c
head/lib/libc/net/if_nametoindex.c
head/lib/libc/net/name6.c
head/lib/libc/net/nscachedcli.c
Modified: head/lib/libc/net/getaddrinfo.c
==============================================================================
--- head/lib/libc/net/getaddrinfo.c Fri Sep 6 20:51:15 2013
(r255327)
+++ head/lib/libc/net/getaddrinfo.c Fri Sep 6 21:02:06 2013
(r255328)
@@ -831,7 +831,8 @@ set_source(struct ai_order *aio, struct
get_port(&ai, "1", 0);
/* open a socket to get the source address for the given dst */
- if ((s = _socket(ai.ai_family, ai.ai_socktype, ai.ai_protocol)) < 0)
+ if ((s = _socket(ai.ai_family, ai.ai_socktype | SOCK_CLOEXEC,
+ ai.ai_protocol)) < 0)
return; /* give up */
if (_connect(s, ai.ai_addr, ai.ai_addrlen) < 0)
goto cleanup;
@@ -1131,7 +1132,7 @@ explore_null(const struct addrinfo *pai,
* filter out AFs that are not supported by the kernel
* XXX errno?
*/
- s = _socket(pai->ai_family, SOCK_DGRAM, 0);
+ s = _socket(pai->ai_family, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s < 0) {
if (errno != EMFILE)
return 0;
@@ -1541,18 +1542,19 @@ addrconfig(struct addrinfo *pai)
*/
af = pai->ai_family;
if (af == AF_UNSPEC) {
- if ((s = _socket(AF_INET6, SOCK_DGRAM, 0)) < 0)
+ if ((s = _socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0)
af = AF_INET;
else {
_close(s);
- if ((s = _socket(AF_INET, SOCK_DGRAM, 0)) < 0)
+ if ((s = _socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC,
+ 0)) < 0)
af = AF_INET6;
else
_close(s);
}
}
if (af != AF_UNSPEC) {
- if ((s = _socket(af, SOCK_DGRAM, 0)) < 0)
+ if ((s = _socket(af, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0)
return 0;
_close(s);
}
Modified: head/lib/libc/net/if_nametoindex.c
==============================================================================
--- head/lib/libc/net/if_nametoindex.c Fri Sep 6 20:51:15 2013
(r255327)
+++ head/lib/libc/net/if_nametoindex.c Fri Sep 6 21:02:06 2013
(r255328)
@@ -68,7 +68,7 @@ if_nametoindex(const char *ifname)
struct ifaddrs *ifaddrs, *ifa;
unsigned int ni;
- s = _socket(AF_INET, SOCK_DGRAM, 0);
+ s = _socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (s != -1) {
#ifdef PURIFY
memset(&ifr, 0, sizeof(ifr));
Modified: head/lib/libc/net/name6.c
==============================================================================
--- head/lib/libc/net/name6.c Fri Sep 6 20:51:15 2013 (r255327)
+++ head/lib/libc/net/name6.c Fri Sep 6 21:02:06 2013 (r255328)
@@ -235,7 +235,7 @@ getipnodebyname(const char *name, int af
if (flags & AI_ADDRCONFIG) {
int s;
- if ((s = _socket(af, SOCK_DGRAM, 0)) < 0)
+ if ((s = _socket(af, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0)
return NULL;
/*
* TODO:
@@ -868,7 +868,8 @@ set_source(struct hp_order *aio, struct
}
/* open a socket to get the source address for the given dst */
- if ((s = _socket(ss.ss_family, SOCK_DGRAM, IPPROTO_UDP)) < 0)
+ if ((s = _socket(ss.ss_family, SOCK_DGRAM | SOCK_CLOEXEC,
+ IPPROTO_UDP)) < 0)
return; /* give up */
if (_connect(s, (struct sockaddr *)&ss, ss.ss_len) < 0)
goto cleanup;
Modified: head/lib/libc/net/nscachedcli.c
==============================================================================
--- head/lib/libc/net/nscachedcli.c Fri Sep 6 20:51:15 2013
(r255327)
+++ head/lib/libc/net/nscachedcli.c Fri Sep 6 21:02:06 2013
(r255328)
@@ -200,7 +200,7 @@ __open_cached_connection(struct cached_c
assert(params != NULL);
- client_socket = _socket(PF_LOCAL, SOCK_STREAM, 0);
+ client_socket = _socket(PF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0);
client_address.sun_family = PF_LOCAL;
strncpy(client_address.sun_path, params->socket_path,
sizeof(client_address.sun_path));
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
