diff options
| author | Richard W.M. Jones <rjones@redhat.com> | 2012-03-14 19:30:46 +0000 |
|---|---|---|
| committer | Richard W.M. Jones <rjones@redhat.com> | 2012-03-14 19:30:46 +0000 |
| commit | 606732d02e678161ff433040a21d54fc2ea8bb43 (patch) | |
| tree | 7549558e51d1dd45a45e71ce219084e368eb845d /tests | |
| parent | 13e7a1b400b7e2a5e9335d25205b09e74c89d858 (diff) | |
| download | libguestfs-606732d02e678161ff433040a21d54fc2ea8bb43.tar.gz libguestfs-606732d02e678161ff433040a21d54fc2ea8bb43.tar.xz libguestfs-606732d02e678161ff433040a21d54fc2ea8bb43.zip | |
Use O_CLOEXEC / SOCK_CLOEXEC for almost all file descriptors.
The presumption is that all file descriptors should be created with
the close-on-exec flag set. The only exception are file descriptors
that we want passed through to exec'd subprocesses (mainly pipes and
stdin/stdout/stderr).
For open calls, we pass O_CLOEXEC as an extra flag, eg:
fd = open ("foo", O_RDONLY|O_CLOEXEC);
This is a Linux-ism, but using a macro we can easily make it portable.
For sockets, similarly:
sock = socket (..., SOCK_STREAM|SOCK_CLOEXEC, ...);
For accepted sockets, we use the Linux accept4 system call which
allows flags to be supplied, but we use the Gnulib 'accept4' module to
make this portable.
For dup, dup2, we use the Linux dup3 system call, and the Gnulib
modules 'dup3' and 'cloexec'.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/c-api/test-last-errno.c | 6 | ||||
| -rw-r--r-- | tests/c-api/test-user-cancel.c | 20 |
2 files changed, 24 insertions, 2 deletions
diff --git a/tests/c-api/test-last-errno.c b/tests/c-api/test-last-errno.c index 31a5c4de..ab4479be 100644 --- a/tests/c-api/test-last-errno.c +++ b/tests/c-api/test-last-errno.c @@ -31,6 +31,10 @@ #include "guestfs.h" +#ifndef O_CLOEXEC +#define O_CLOEXEC +#endif + int main (int argc, char *argv[]) { @@ -45,7 +49,7 @@ main (int argc, char *argv[]) exit (EXIT_FAILURE); } - fd = open (filename, O_WRONLY|O_CREAT|O_NOCTTY|O_TRUNC, 0666); + fd = open (filename, O_WRONLY|O_CREAT|O_TRUNC|O_NOCTTY|O_CLOEXEC, 0666); if (fd == -1) { perror (filename); exit (EXIT_FAILURE); diff --git a/tests/c-api/test-user-cancel.c b/tests/c-api/test-user-cancel.c index 4908f953..39763bf0 100644 --- a/tests/c-api/test-user-cancel.c +++ b/tests/c-api/test-user-cancel.c @@ -46,6 +46,10 @@ #include "guestfs.h" +#ifndef O_CLOEXEC +#define O_CLOEXEC +#endif + static const char *filename = "test.img"; static const off_t filesize = 1024*1024*1024; @@ -83,7 +87,7 @@ main (int argc, char *argv[]) } /* Create a test image and test data. */ - fd = open (filename, O_WRONLY|O_CREAT|O_TRUNC|O_NOCTTY, 0666); + fd = open (filename, O_WRONLY|O_CREAT|O_TRUNC|O_NOCTTY|O_CLOEXEC, 0666); if (fd == -1) { perror (filename); exit (EXIT_FAILURE); @@ -135,6 +139,13 @@ main (int argc, char *argv[]) exit (EXIT_FAILURE); } + /* We don't want the pipe to be passed to subprocesses. */ + if (fcntl (fds[0], F_SETFD, FD_CLOEXEC) == -1 || + fcntl (fds[1], F_SETFD, FD_CLOEXEC) == -1) { + perror ("fcntl"); + exit (EXIT_FAILURE); + } + data.fd = fds[1]; snprintf (dev_fd, sizeof dev_fd, "/dev/fd/%d", fds[0]); @@ -196,6 +207,13 @@ main (int argc, char *argv[]) exit (EXIT_FAILURE); } + /* We don't want the pipe to be passed to subprocesses. */ + if (fcntl (fds[0], F_SETFD, FD_CLOEXEC) == -1 || + fcntl (fds[1], F_SETFD, FD_CLOEXEC) == -1) { + perror ("fcntl"); + exit (EXIT_FAILURE); + } + data.fd = fds[0]; snprintf (dev_fd, sizeof dev_fd, "/dev/fd/%d", fds[1]); |