Date: Fri, 6 Sep 2013 21:02:06 +0000 (UTC) From: Jilles Tjoelker <jilles@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r255328 - head/lib/libc/net Message-ID: <201309062102.r86L26P1082995@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jilles Date: Fri Sep 6 21:02:06 2013 New Revision: 255328 URL: http://svnweb.freebsd.org/changeset/base/255328 Log: libc: Use SOCK_CLOEXEC for various internal file descriptors. This change avoids undesirably passing some internal file descriptors to a process created (fork+exec) by another thread. Kernel support for SOCK_CLOEXEC was added in r248534, March 19, 2013. Modified: head/lib/libc/net/getaddrinfo.c head/lib/libc/net/if_nametoindex.c head/lib/libc/net/name6.c head/lib/libc/net/nscachedcli.c Modified: head/lib/libc/net/getaddrinfo.c ============================================================================== --- head/lib/libc/net/getaddrinfo.c Fri Sep 6 20:51:15 2013 (r255327) +++ head/lib/libc/net/getaddrinfo.c Fri Sep 6 21:02:06 2013 (r255328) @@ -831,7 +831,8 @@ set_source(struct ai_order *aio, struct get_port(&ai, "1", 0); /* open a socket to get the source address for the given dst */ - if ((s = _socket(ai.ai_family, ai.ai_socktype, ai.ai_protocol)) < 0) + if ((s = _socket(ai.ai_family, ai.ai_socktype | SOCK_CLOEXEC, + ai.ai_protocol)) < 0) return; /* give up */ if (_connect(s, ai.ai_addr, ai.ai_addrlen) < 0) goto cleanup; @@ -1131,7 +1132,7 @@ explore_null(const struct addrinfo *pai, * filter out AFs that are not supported by the kernel * XXX errno? */ - s = _socket(pai->ai_family, SOCK_DGRAM, 0); + s = _socket(pai->ai_family, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (s < 0) { if (errno != EMFILE) return 0; @@ -1541,18 +1542,19 @@ addrconfig(struct addrinfo *pai) */ af = pai->ai_family; if (af == AF_UNSPEC) { - if ((s = _socket(AF_INET6, SOCK_DGRAM, 0)) < 0) + if ((s = _socket(AF_INET6, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0) af = AF_INET; else { _close(s); - if ((s = _socket(AF_INET, SOCK_DGRAM, 0)) < 0) + if ((s = _socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, + 0)) < 0) af = AF_INET6; else _close(s); } } if (af != AF_UNSPEC) { - if ((s = _socket(af, SOCK_DGRAM, 0)) < 0) + if ((s = _socket(af, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0) return 0; _close(s); } Modified: head/lib/libc/net/if_nametoindex.c ============================================================================== --- head/lib/libc/net/if_nametoindex.c Fri Sep 6 20:51:15 2013 (r255327) +++ head/lib/libc/net/if_nametoindex.c Fri Sep 6 21:02:06 2013 (r255328) @@ -68,7 +68,7 @@ if_nametoindex(const char *ifname) struct ifaddrs *ifaddrs, *ifa; unsigned int ni; - s = _socket(AF_INET, SOCK_DGRAM, 0); + s = _socket(AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0); if (s != -1) { #ifdef PURIFY memset(&ifr, 0, sizeof(ifr)); Modified: head/lib/libc/net/name6.c ============================================================================== --- head/lib/libc/net/name6.c Fri Sep 6 20:51:15 2013 (r255327) +++ head/lib/libc/net/name6.c Fri Sep 6 21:02:06 2013 (r255328) @@ -235,7 +235,7 @@ getipnodebyname(const char *name, int af if (flags & AI_ADDRCONFIG) { int s; - if ((s = _socket(af, SOCK_DGRAM, 0)) < 0) + if ((s = _socket(af, SOCK_DGRAM | SOCK_CLOEXEC, 0)) < 0) return NULL; /* * TODO: @@ -868,7 +868,8 @@ set_source(struct hp_order *aio, struct } /* open a socket to get the source address for the given dst */ - if ((s = _socket(ss.ss_family, SOCK_DGRAM, IPPROTO_UDP)) < 0) + if ((s = _socket(ss.ss_family, SOCK_DGRAM | SOCK_CLOEXEC, + IPPROTO_UDP)) < 0) return; /* give up */ if (_connect(s, (struct sockaddr *)&ss, ss.ss_len) < 0) goto cleanup; Modified: head/lib/libc/net/nscachedcli.c ============================================================================== --- head/lib/libc/net/nscachedcli.c Fri Sep 6 20:51:15 2013 (r255327) +++ head/lib/libc/net/nscachedcli.c Fri Sep 6 21:02:06 2013 (r255328) @@ -200,7 +200,7 @@ __open_cached_connection(struct cached_c assert(params != NULL); - client_socket = _socket(PF_LOCAL, SOCK_STREAM, 0); + client_socket = _socket(PF_LOCAL, SOCK_STREAM | SOCK_CLOEXEC, 0); client_address.sun_family = PF_LOCAL; strncpy(client_address.sun_path, params->socket_path, sizeof(client_address.sun_path));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201309062102.r86L26P1082995>