Date: Sun, 26 Oct 2008 21:55:19 +0000 (UTC) From: Ed Schouten <ed@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org Subject: svn commit: r184300 - in stable/7/lib: libc/stdlib libutil Message-ID: <200810262155.m9QLtJG5096815@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: ed Date: Sun Oct 26 21:55:19 2008 New Revision: 184300 URL: http://svn.freebsd.org/changeset/base/184300 Log: MFC r183565: Small cleanups to openpty(). - Pass O_NOCTTY to posix_openpt(2). This makes the implementation work consistently on implementations that make the PTY the controlling TTY by default. - Call unlockpt() before opening the slave device. POSIX mentions that de slave device should only be opened after grantpt() and unlockpt() have been called. - Replace some redundant code by a label. As a safety net, add a call to revoke() to unlockpt(). All applications out there use openpty(), explicitly call revoke() or implement their own PTY allocation routines. Adding the call to unlockpt() won't hurt, but will prevent foot-shooting. Reviewed by: jhb, kib Approved by: re Modified: stable/7/lib/libc/stdlib/grantpt.3 stable/7/lib/libc/stdlib/grantpt.c stable/7/lib/libutil/pty.c Modified: stable/7/lib/libc/stdlib/grantpt.3 ============================================================================== --- stable/7/lib/libc/stdlib/grantpt.3 Sun Oct 26 19:37:38 2008 (r184299) +++ stable/7/lib/libc/stdlib/grantpt.3 Sun Oct 26 21:55:19 2008 (r184300) @@ -212,11 +212,6 @@ and functions appeared in .Fx 5.0 . .Sh NOTES -The purpose of the -.Fn unlockpt -function has no meaning in -.Fx . -.Pp The flag .Dv O_NOCTTY is included for compatibility; in Modified: stable/7/lib/libc/stdlib/grantpt.c ============================================================================== --- stable/7/lib/libc/stdlib/grantpt.c Sun Oct 26 19:37:38 2008 (r184299) +++ stable/7/lib/libc/stdlib/grantpt.c Sun Oct 26 21:55:19 2008 (r184300) @@ -281,14 +281,20 @@ invalid: int unlockpt(int fildes) { + const char *slave; /* - * Unlocking a master/slave pseudo-terminal pair has no meaning in a - * non-streams PTY environment. However, we do ensure fildes is a - * valid master pseudo-terminal device. + * Even though unlocking a PTY has no meaning in a non-streams + * PTY environment, make this function call revoke() to ensure + * the PTY slave device is not being evesdropped. */ - if (ptsname(fildes) == NULL) + if ((slave = ptsname(fildes)) == NULL) return (-1); + if (revoke(slave) == -1) { + errno = EINVAL; + return (-1); + } + return (0); } Modified: stable/7/lib/libutil/pty.c ============================================================================== --- stable/7/lib/libutil/pty.c Sun Oct 26 19:37:38 2008 (r184299) +++ stable/7/lib/libutil/pty.c Sun Oct 26 21:55:19 2008 (r184300) @@ -56,37 +56,26 @@ openpty(int *amaster, int *aslave, char const char *slavename; int master, slave; - master = posix_openpt(O_RDWR); + master = posix_openpt(O_RDWR|O_NOCTTY); if (master == -1) return (-1); - if (grantpt(master) == -1) { - close(master); - return (-1); - } + if (grantpt(master) == -1) + goto bad; + + if (unlockpt(master) == -1) + goto bad; slavename = ptsname(master); - if (slavename == NULL) { - close(master); - return (-1); - } + if (slavename == NULL) + goto bad; - if (revoke(slavename) == -1) { - close(master); - return (-1); - } + if (revoke(slavename) == -1) + goto bad; slave = open(slavename, O_RDWR); - if (slave == -1) { - close(master); - return (-1); - } - - if (unlockpt(master) == -1) { - close(master); - close(slave); - return (-1); - } + if (slave == -1) + goto bad; *amaster = master; *aslave = slave; @@ -99,6 +88,9 @@ openpty(int *amaster, int *aslave, char ioctl(slave, TIOCSWINSZ, (char *)winp); return (0); + +bad: close(master); + return (-1); } int
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200810262155.m9QLtJG5096815>