| Message ID | 20220527044700.3666830-2-dominique.martinet@atmark-techno.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | Avoid leaking fd to child processes: use CLOEXEC | expand |
On 27.05.22 06:46, Dominique Martinet wrote: > When running with swupdate -i the swu fd was leaked to subprocess > > Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com> > --- > core/install_from_file.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/core/install_from_file.c b/core/install_from_file.c > index 9614170ba8d7..b49f624c9ae7 100644 > --- a/core/install_from_file.c > +++ b/core/install_from_file.c > @@ -75,7 +75,7 @@ int install_from_file(const char *filename, bool check) > int rc; > int timeout_cnt = 3; > > - if (filename && (fd = open(filename, O_RDONLY)) < 0) { > + if (filename && (fd = open(filename, O_RDONLY|O_CLOEXEC)) < 0) { > fprintf(stderr, "Unable to open %s\n", filename); > return EXIT_FAILURE; > } Agree to add it, but the issue comes if some processes are started after opening files, and this is the case with the notifier to have as soon as possible the log functionalities. But when the file is opened here, no further processes are created. Anyway: Reviewed-by: Stefano Babic <sbabic@denx.de> Best regards, Stefano
diff --git a/core/install_from_file.c b/core/install_from_file.c index 9614170ba8d7..b49f624c9ae7 100644 --- a/core/install_from_file.c +++ b/core/install_from_file.c @@ -75,7 +75,7 @@ int install_from_file(const char *filename, bool check) int rc; int timeout_cnt = 3; - if (filename && (fd = open(filename, O_RDONLY)) < 0) { + if (filename && (fd = open(filename, O_RDONLY|O_CLOEXEC)) < 0) { fprintf(stderr, "Unable to open %s\n", filename); return EXIT_FAILURE; }
When running with swupdate -i the swu fd was leaked to subprocess Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com> --- core/install_from_file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)