From owner-svn-ports-all@freebsd.org Thu Jul 6 03:01:07 2017 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F14F5D9BC29; Thu, 6 Jul 2017 03:01:07 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A21427C7DA; Thu, 6 Jul 2017 03:01:07 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v66315oX053499; Thu, 6 Jul 2017 03:01:05 GMT (envelope-from jbeich@FreeBSD.org) Received: (from jbeich@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v66315wh053497; Thu, 6 Jul 2017 03:01:05 GMT (envelope-from jbeich@FreeBSD.org) Message-Id: <201707060301.v66315wh053497@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jbeich set sender to jbeich@FreeBSD.org using -f From: Jan Beich Date: Thu, 6 Jul 2017 03:01:05 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r445124 - in branches/2017Q3/x11/libxshmfence: . files X-SVN-Group: ports-branches X-SVN-Commit-Author: jbeich X-SVN-Commit-Paths: in branches/2017Q3/x11/libxshmfence: . files X-SVN-Commit-Revision: 445124 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Jul 2017 03:01:08 -0000 Author: jbeich Date: Thu Jul 6 03:01:05 2017 New Revision: 445124 URL: https://svnweb.freebsd.org/changeset/ports/445124 Log: MFH: r445016 x11/libxshmfence: don't leak /tmp/shmfd* files with O_CLOEXEC - Both mkostemp() and mkstemp() need explicit call to unlink() - Unobfuscate fallback if both O_TMPFILE and mksotemp() are N/A - O_TMPFILE (Linux-only) appeared after O_CLOEXEC, no need to check PR: 217676 (for tracking) Approved by: ports-secteam (junovitch) Modified: branches/2017Q3/x11/libxshmfence/Makefile branches/2017Q3/x11/libxshmfence/files/patch-src__xshmfence_alloc.c Directory Properties: branches/2017Q3/ (props changed) Modified: branches/2017Q3/x11/libxshmfence/Makefile ============================================================================== --- branches/2017Q3/x11/libxshmfence/Makefile Thu Jul 6 02:21:23 2017 (r445123) +++ branches/2017Q3/x11/libxshmfence/Makefile Thu Jul 6 03:01:05 2017 (r445124) @@ -2,7 +2,7 @@ PORTNAME= libxshmfence PORTVERSION= 1.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= x11 MAINTAINER= x11@FreeBSD.org Modified: branches/2017Q3/x11/libxshmfence/files/patch-src__xshmfence_alloc.c ============================================================================== --- branches/2017Q3/x11/libxshmfence/files/patch-src__xshmfence_alloc.c Thu Jul 6 02:21:23 2017 (r445123) +++ branches/2017Q3/x11/libxshmfence/files/patch-src__xshmfence_alloc.c Thu Jul 6 03:01:05 2017 (r445124) @@ -1,24 +1,14 @@ --- src/xshmfence_alloc.c.orig 2015-03-04 15:28:23 UTC +++ src/xshmfence_alloc.c -@@ -67,15 +67,19 @@ int - xshmfence_alloc_shm(void) - { - char template[] = SHMDIR "/shmfd-XXXXXX"; -- int fd; -+ int fd = -1; - - #if HAVE_MEMFD_CREATE - fd = memfd_create("xshmfence", MFD_CLOEXEC|MFD_ALLOW_SEALING); - if (fd < 0) - #endif - { --#ifdef O_TMPFILE -+#if defined(O_CLOEXEC) -+#if defined(HAVE_MKOSTEMP) -+ fd = mkostemp(template, O_CLOEXEC); -+#elif defined(O_TMPFILE) - fd = open(SHMDIR, O_TMPFILE|O_RDWR|O_CLOEXEC|O_EXCL, 0666); -+#endif +@@ -79,7 +79,11 @@ xshmfence_alloc_shm(void) if (fd < 0) #endif { ++#ifdef HAVE_MKOSTEMP ++ fd = mkostemp(template, O_CLOEXEC); ++#else + fd = mkstemp(template); ++#endif + if (fd < 0) + return fd; + unlink(template);