spawn: close all file descriptors before execve
No need to give whatever we're calling access to what we use
This commit is contained in:
parent
ccc7e3afae
commit
e4ce26c79f
|
@ -38,6 +38,7 @@
|
|||
#endif
|
||||
|
||||
#include "misc_log_ex.h"
|
||||
#include "util.h"
|
||||
#include "spawn.h"
|
||||
|
||||
namespace tools
|
||||
|
@ -101,6 +102,8 @@ int spawn(const char *filename, const std::vector<std::string>& args, bool wait)
|
|||
// child
|
||||
if (pid == 0)
|
||||
{
|
||||
tools::closefrom(3);
|
||||
close(0);
|
||||
char *envp[] = {NULL};
|
||||
execve(filename, argv, envp);
|
||||
MERROR("Failed to execve: " << strerror(errno));
|
||||
|
|
|
@ -28,6 +28,7 @@
|
|||
//
|
||||
// Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
|
||||
|
||||
#include <unistd.h>
|
||||
#include <cstdio>
|
||||
|
||||
#ifdef __GLIBC__
|
||||
|
@ -967,4 +968,23 @@ std::string get_nix_version_display_string()
|
|||
}
|
||||
#endif
|
||||
|
||||
void closefrom(int fd)
|
||||
{
|
||||
#if defined __FreeBSD__ || defined __OpenBSD__ || defined __NetBSD__ || defined __DragonFly__
|
||||
::closefrom(fd);
|
||||
#else
|
||||
#if defined __GLIBC__
|
||||
const int sc_open_max = sysconf(_SC_OPEN_MAX);
|
||||
const int MAX_FDS = std::min(65536, sc_open_max);
|
||||
#else
|
||||
const int MAX_FDS = 65536;
|
||||
#endif
|
||||
while (fd < MAX_FDS)
|
||||
{
|
||||
close(fd);
|
||||
++fd;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -238,4 +238,6 @@ namespace tools
|
|||
#ifdef _WIN32
|
||||
std::string input_line_win();
|
||||
#endif
|
||||
|
||||
void closefrom(int fd);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue