From 80f4aa8bcd8d1590be8838e56f531f489c5bc12c Mon Sep 17 00:00:00 2001 From: Gerhard Rieger Date: Mon, 12 Jun 2023 12:23:37 +0200 Subject: [PATCH] Apply FD_CLOEXEC to FDs of message queuing socketpair --- CHANGES | 3 +++ error.c | 2 ++ 2 files changed, 5 insertions(+) diff --git a/CHANGES b/CHANGES index 9c6df9d..8328840 100644 --- a/CHANGES +++ b/CHANGES @@ -34,6 +34,9 @@ Corrections: Fixed an internal FD leak in the EXEC,SYSTEM addresses. + The FDs of the socketpair that queues messages from signal handlers + lacked FD_CLOEXEC and thus leaked into EXEC and SYSTEM child processes. + Features: VSOCK, VSOCK-L support options pf, socktype, prototype (currently useless) diff --git a/error.c b/error.c index 2fad6c2..a080ee2 100644 --- a/error.c +++ b/error.c @@ -119,6 +119,8 @@ static int diag_sock_pair(void) { diag_sock_recv = -1; return -1; } + fcntl(handlersocks[0], F_SETFD, FD_CLOEXEC); + fcntl(handlersocks[1], F_SETFD, FD_CLOEXEC); diag_sock_send = handlersocks[1]; diag_sock_recv = handlersocks[0]; #if !defined(MSG_DONTWAIT)