This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: O_CLOEXEC and dynamic loading

From: Ross Lagerwall <rosslagerwall at gmail dot com>
To: Ulrich Drepper <drepper at gmail dot com>
Cc: libc-alpha at sourceware dot org
Date: Thu, 08 Sep 2011 07:56:21 +0200
Subject: Re: O_CLOEXEC and dynamic loading
References: <1315233205.1559.11.camel@hobo> <CAOPLpQdeEZWKJhegPzU1kk+BZdS2X-xWvH9WqhmMV4+6Qjq5=A@mail.gmail.com>

On Thu, 2011-09-08 at 00:02 -0400, Ulrich Drepper wrote:
> Patches must be based on the most recent sources.  I've added the missing flag.

Thanks for patching it :-)

>From what I understand, your commits have added O_CLOEXEC for
opening /etc/ld.so.cache and any *.so library file.

The other part of the test program used a dns lookup. I would assume
that it should also use the cloexec flag on all the files and sockets
that it uses otherwise a dns lookup and fork in parallel could cause an
fd to be leaked.

Attached is an *untested* patch against the latest master which adds the
cloexec flag to the places where it seems to be needed for dns lookups.
(I am not familiar with the glibc codebase so I may have missed a few)

Cheers
Ross

diff --git a/nss/nsswitch.c b/nss/nsswitch.c
index 6c15c3a..3ca0e5a 100644
--- a/nss/nsswitch.c
+++ b/nss/nsswitch.c
@@ -501,7 +501,7 @@ nss_parse_file (const char *fname)
   size_t len;
 
   /* Open the configuration file.  */
-  fp = fopen (fname, "rc");
+  fp = fopen (fname, "rce");
   if (fp == NULL)
     return NULL;
 
diff --git a/resolv/gethnamaddr.c b/resolv/gethnamaddr.c
index 5cf660a..3be5f8c 100644
--- a/resolv/gethnamaddr.c
+++ b/resolv/gethnamaddr.c
@@ -787,7 +787,7 @@ _sethtent(f)
 	int f;
 {
 	if (!hostf)
-		hostf = fopen(_PATH_HOSTS, "r" );
+		hostf = fopen(_PATH_HOSTS, "re" );
 	else
 		rewind(hostf);
 	stayopen = f;
@@ -810,7 +810,7 @@ _gethtent()
 	register char *cp, **q;
 	int af, len;
 
-	if (!hostf && !(hostf = fopen(_PATH_HOSTS, "r" ))) {
+	if (!hostf && !(hostf = fopen(_PATH_HOSTS, "re" ))) {
 		__set_h_errno (NETDB_INTERNAL);
 		return (NULL);
 	}
diff --git a/resolv/res_hconf.c b/resolv/res_hconf.c
index fc4b83f..9a4e89c 100644
--- a/resolv/res_hconf.c
+++ b/resolv/res_hconf.c
@@ -309,7 +309,7 @@ do_init (void)
   if (hconf_name == NULL)
     hconf_name = _PATH_HOSTCONF;
 
-  fp = fopen (hconf_name, "rc");
+  fp = fopen (hconf_name, "rce");
   if (fp)
     {
       /* No threads using this stream.  */
@@ -412,7 +412,7 @@ _res_hconf_reorder_addrs (struct hostent *hp)
       /* Initialize interface table.  */
 
       /* The SIOCGIFNETMASK ioctl will only work on an AF_INET socket.  */
-      sd = __socket (AF_INET, SOCK_DGRAM, 0);
+      sd = __socket (AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
       if (sd < 0)
 	return;
 
diff --git a/resolv/res_init.c b/resolv/res_init.c
index 73caaa4..c58c763 100644
--- a/resolv/res_init.c
+++ b/resolv/res_init.c
@@ -233,7 +233,7 @@ __res_vinit(res_state statp, int preinit) {
 	(line[sizeof(name) - 1] == ' ' || \
 	 line[sizeof(name) - 1] == '\t'))
 
-	if ((fp = fopen(_PATH_RESCONF, "rc")) != NULL) {
+	if ((fp = fopen(_PATH_RESCONF, "rce")) != NULL) {
 	    /* No threads use this stream.  */
 	    __fsetlocking (fp, FSETLOCKING_BYCALLER);
 	    /* read the config file */
diff --git a/resolv/res_send.c b/resolv/res_send.c
index a001c1e..8ce2294 100644
--- a/resolv/res_send.c
+++ b/resolv/res_send.c
@@ -696,7 +696,7 @@ send_vc(res_state statp,
 		if (statp->_vcsock >= 0)
 		  __res_iclose(statp, false);
 
-		statp->_vcsock = socket(nsap->sin6_family, SOCK_STREAM, 0);
+		statp->_vcsock = socket(nsap->sin6_family, SOCK_STREAM | SOCK_CLOEXEC, 0);
 		if (statp->_vcsock < 0) {
 			*terrno = errno;
 			Perror(statp, stderr, "socket(vc)", errno);
@@ -919,7 +919,7 @@ reopen (res_state statp, int *terrno, int ns)
 		if (nsap->sa_family == AF_INET6 && !statp->ipv6_unavail) {
 			if (__builtin_expect (__have_o_nonblock >= 0, 1)) {
 				EXT(statp).nssocks[ns] =
-				  socket(PF_INET6, SOCK_DGRAM|SOCK_NONBLOCK,
+				  socket(PF_INET6, SOCK_DGRAM|SOCK_NONBLOCK|SOCK_CLOEXEC,
 					 0);
 #ifndef __ASSUME_SOCK_CLOEXEC
 				if (__have_o_nonblock == 0)
@@ -930,14 +930,14 @@ reopen (res_state statp, int *terrno, int ns)
 			}
 			if (__builtin_expect (__have_o_nonblock < 0, 0))
 				EXT(statp).nssocks[ns] =
-				  socket(PF_INET6, SOCK_DGRAM, 0);
+				  socket(PF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 			if (EXT(statp).nssocks[ns] < 0)
 			    statp->ipv6_unavail = errno == EAFNOSUPPORT;
 			slen = sizeof (struct sockaddr_in6);
 		} else if (nsap->sa_family == AF_INET) {
 			if (__builtin_expect (__have_o_nonblock >= 0, 1)) {
 				EXT(statp).nssocks[ns]
-				  = socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK,
+				  = socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK|SOCK_CLOEXEC,
 					   0);
 #ifndef __ASSUME_SOCK_CLOEXEC
 				if (__have_o_nonblock == 0)
@@ -948,7 +948,7 @@ reopen (res_state statp, int *terrno, int ns)
 			}
 			if (__builtin_expect (__have_o_nonblock < 0, 0))
 				EXT(statp).nssocks[ns]
-				  = socket(PF_INET, SOCK_DGRAM, 0);
+				  = socket(PF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 			slen = sizeof (struct sockaddr_in);
 		}
 		if (EXT(statp).nssocks[ns] < 0) {
diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
index a5aafe9..445107a 100644
--- a/sysdeps/posix/getaddrinfo.c
+++ b/sysdeps/posix/getaddrinfo.c
@@ -2499,7 +2499,7 @@ getaddrinfo (const char *name, const char *service,
 		  close_retry:
 		    close_not_cancel_no_status (fd);
 		  af = q->ai_family;
-		  fd = __socket (af, SOCK_DGRAM, IPPROTO_IP);
+		  fd = __socket (af, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_IP);
 		}
 	      else
 		{

References:
- O_CLOEXEC and dynamic loading
  - From: Ross Lagerwall
- Re: O_CLOEXEC and dynamic loading
  - From: Ulrich Drepper

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]