Bug #3248 » 0009-sh-1-Reapply-330497ceac-fix-O_CLOEXEC-race-in-open-f.patch
| bin/sh/input.c | ||
|---|---|---|
|
int fd2;
|
||
|
INTOFF;
|
||
|
if ((fd = open(fname, O_RDONLY | O_CLOEXEC)) < 0) {
|
||
|
if ((fd = open(fname, O_RDONLY | O_CLOEXEC_MAYBE)) < 0) {
|
||
|
e = errno;
|
||
|
errorwithstatus(e == ENOENT || e == ENOTDIR ? 127 : 126,
|
||
|
"cannot open %s: %s", fname, strerror(e));
|
||
|
}
|
||
|
if (fd < 10) {
|
||
|
fd2 = fcntl(fd, F_DUPFD_CLOEXEC, 10);
|
||
|
fd2 = fcntl(fd, F_DUPFD_CLOEXEC_MAYBE, 10);
|
||
|
close(fd);
|
||
|
if (fd2 < 0)
|
||
|
error("Out of file descriptors");
|
||
| ... | ... | |
|
void
|
||
|
setinputfd(int fd, int push)
|
||
|
{
|
||
|
#if !defined(O_CLOEXEC) || !defined(F_DUPFD_CLOEXEC)
|
||
|
fcntl(fd, F_SETFD, FD_CLOEXEC);
|
||
|
#endif
|
||
|
if (push) {
|
||
|
pushfile();
|
||
|
parsefile->buf = ckmalloc(BUFSIZ + 1);
|
||
| bin/sh/jobs.c | ||
|---|---|---|
|
if (on) {
|
||
|
if (ttyfd != -1)
|
||
|
close(ttyfd);
|
||
|
if ((ttyfd = open(_PATH_TTY, O_RDWR | O_CLOEXEC)) < 0) {
|
||
|
if ((ttyfd = open(_PATH_TTY, O_RDWR | O_CLOEXEC_MAYBE)) < 0) {
|
||
|
i = 0;
|
||
|
while (i <= 2 && !isatty(i))
|
||
|
i++;
|
||
|
if (i > 2 ||
|
||
|
(ttyfd = fcntl(i, F_DUPFD_CLOEXEC, 10)) < 0) {
|
||
|
(ttyfd = fcntl(i, F_DUPFD_CLOEXEC_MAYBE, 10)) < 0) {
|
||
|
jobctl_notty();
|
||
|
return;
|
||
|
}
|
||
| ... | ... | |
|
* Keep our TTY file descriptor out of the way of
|
||
|
* the user's redirections.
|
||
|
*/
|
||
|
if ((i = fcntl(ttyfd, F_DUPFD_CLOEXEC, 10)) < 0) {
|
||
|
if ((i = fcntl(ttyfd, F_DUPFD_CLOEXEC_MAYBE, 10)) < 0) {
|
||
|
jobctl_notty();
|
||
|
return;
|
||
|
}
|
||
|
close(ttyfd);
|
||
|
ttyfd = i;
|
||
|
}
|
||
|
#if !defined(O_CLOEXEC) || !defined(F_DUPFD_CLOEXEC)
|
||
|
if (fcntl(ttyfd, F_SETFD, FD_CLOEXEC) < 0) {
|
||
|
close(ttyfd);
|
||
|
ttyfd = -1;
|
||
|
goto out;
|
||
|
}
|
||
|
#endif
|
||
|
do { /* while we are in the background */
|
||
|
initialpgrp = tcgetpgrp(ttyfd);
|
||
|
if (initialpgrp < 0) {
|
||
|
#if !defined(O_CLOEXEC) || !defined(F_DUPFD_CLOEXEC)
|
||
|
out:
|
||
|
#endif
|
||
|
jobctl_notty();
|
||
|
return;
|
||
|
}
|
||
| bin/sh/main.c | ||
|---|---|---|
|
if (expandedname == NULL)
|
||
|
return;
|
||
|
INTOFF;
|
||
|
if ((fd = open(expandedname, O_RDONLY | O_CLOEXEC)) >= 0)
|
||
|
if ((fd = open(expandedname, O_RDONLY | O_CLOEXEC_MAYBE)) >= 0)
|
||
|
setinputfd(fd, 1);
|
||
|
INTON;
|
||
|
if (fd < 0)
|
||
| bin/sh/redir.c | ||
|---|---|---|
|
if ((flags & REDIR_PUSH) && sv->renamed[fd] == EMPTY) {
|
||
|
INTOFF;
|
||
|
if ((i = fcntl(fd, F_DUPFD_CLOEXEC, 10)) == -1) {
|
||
|
if ((i = fcntl(fd, F_DUPFD_CLOEXEC_MAYBE, 10)) == -1) {
|
||
|
switch (errno) {
|
||
|
case EBADF:
|
||
|
i = CLOSED;
|
||
| ... | ... | |
|
break;
|
||
|
}
|
||
|
}
|
||
|
#if !defined(O_CLOEXEC) || !defined(F_DUPFD_CLOEXEC)
|
||
|
else {
|
||
|
fcntl(i, F_SETFD, FD_CLOEXEC);
|
||
|
}
|
||
|
#endif
|
||
|
sv->renamed[fd] = i;
|
||
|
INTON;
|
||
|
}
|
||
| bin/sh/shell.h | ||
|---|---|---|
|
#define JOBS 1
|
||
|
/* #define DEBUG 1 */
|
||
|
/*
|
||
|
* Allow compilation with older versions of DragonFly or on
|
||
|
* systems without these features.
|
||
|
*/
|
||
|
#ifdef F_DUPFD_CLOEXEC
|
||
|
#define F_DUPFD_CLOEXEC_MAYBE F_DUPFD_CLOEXEC
|
||
|
#else
|
||
|
#define F_DUPFD_CLOEXEC_MAYBE F_DUPFD
|
||
|
#endif
|
||
|
#ifdef O_CLOEXEC
|
||
|
#define O_CLOEXEC_MAYBE O_CLOEXEC
|
||
|
#else
|
||
|
#define O_CLOEXEC_MAYBE 0
|
||
|
#endif
|
||
|
/*
|
||
|
* Type of used arithmetics. SUSv3 requires us to have at least signed long.
|
||
|
*/
|
||