Set the close-on-exec flag for all unused descriptors when
exec()ing other programs.
This commit is contained in:
parent
f580fbe343
commit
56bc7b51a6
@ -17,7 +17,7 @@
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* $Id: chap.c,v 1.52 1999/06/09 08:47:29 brian Exp $
|
||||
* $Id: chap.c,v 1.53 1999/07/15 02:02:51 brian Exp $
|
||||
*
|
||||
* TODO:
|
||||
*/
|
||||
@ -35,6 +35,7 @@
|
||||
#include <md5.h>
|
||||
#include <paths.h>
|
||||
#include <signal.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/wait.h>
|
||||
@ -231,30 +232,25 @@ chap_StartChild(struct chap *chap, char *prog, const char *name)
|
||||
timer_TermService();
|
||||
close(in[1]);
|
||||
close(out[0]);
|
||||
if (out[1] == STDIN_FILENO) {
|
||||
fd = dup(out[1]);
|
||||
close(out[1]);
|
||||
out[1] = fd;
|
||||
}
|
||||
if (out[1] == STDIN_FILENO)
|
||||
out[1] = dup(out[1]);
|
||||
dup2(in[0], STDIN_FILENO);
|
||||
dup2(out[1], STDOUT_FILENO);
|
||||
if ((fd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
|
||||
close(STDERR_FILENO);
|
||||
if (open(_PATH_DEVNULL, O_RDWR) != STDERR_FILENO) {
|
||||
log_Printf(LogALERT, "Chap: Failed to open %s: %s\n",
|
||||
_PATH_DEVNULL, strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
dup2(fd, STDERR_FILENO);
|
||||
fcntl(3, F_SETFD, 1); /* Set close-on-exec flag */
|
||||
|
||||
for (fd = getdtablesize(); fd > STDERR_FILENO; fd--)
|
||||
fcntl(fd, F_SETFD, 1);
|
||||
setuid(geteuid());
|
||||
argc = command_Interpret(prog, strlen(prog), argv);
|
||||
command_Expand(nargv, argc, (char const *const *)argv,
|
||||
chap->auth.physical->dl->bundle, 0, pid);
|
||||
execvp(nargv[0], nargv);
|
||||
|
||||
log_Printf(LogWARN, "exec() of %s failed: %s\n",
|
||||
nargv[0], strerror(errno));
|
||||
exit(255);
|
||||
printf("exec() of %s failed: %s\n", nargv[0], strerror(errno));
|
||||
_exit(255);
|
||||
|
||||
default:
|
||||
close(in[0]);
|
||||
|
@ -23,7 +23,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $Id: chat.c,v 1.58 1999/06/26 02:54:24 brian Exp $
|
||||
* $Id: chat.c,v 1.59 1999/06/26 02:54:36 brian Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -682,7 +682,7 @@ ExecStr(struct physical *physical, char *command, char *out, int olen)
|
||||
pid_t pid;
|
||||
int fids[2];
|
||||
char *argv[MAXARGS], *vector[MAXARGS], *startout, *endout;
|
||||
int stat, nb, argc;
|
||||
int stat, nb, argc, i;
|
||||
|
||||
log_Printf(LogCHAT, "Exec: %s\n", command);
|
||||
argc = MakeArgs(command, vector, VECSIZE(vector));
|
||||
@ -698,19 +698,20 @@ ExecStr(struct physical *physical, char *command, char *out, int olen)
|
||||
if ((pid = fork()) == 0) {
|
||||
close(fids[0]);
|
||||
timer_TermService();
|
||||
fids[1] = fcntl(fids[1], F_DUPFD, 4);
|
||||
if (fids[1] == STDIN_FILENO)
|
||||
fids[1] = dup(fids[1]);
|
||||
dup2(physical->fd, STDIN_FILENO);
|
||||
dup2(STDIN_FILENO, STDOUT_FILENO);
|
||||
dup2(fids[1], STDERR_FILENO);
|
||||
dup2(STDIN_FILENO, STDOUT_FILENO);
|
||||
close(3);
|
||||
if (open(_PATH_TTY, O_RDWR) == 3)
|
||||
fcntl(3, F_SETFD, 0); /* Clear close-on-exec flag */
|
||||
else
|
||||
fcntl(3, F_SETFD, 1); /* Set close-on-exec flag */
|
||||
if (open(_PATH_TTY, O_RDWR) != 3)
|
||||
open(_PATH_DEVNULL, O_RDWR); /* Leave it closed if it fails... */
|
||||
for (i = getdtablesize(); i > 3; i--)
|
||||
fcntl(i, F_SETFD, 1);
|
||||
setuid(geteuid());
|
||||
execvp(argv[0], argv);
|
||||
fprintf(stderr, "execvp: %s: %s\n", argv[0], strerror(errno));
|
||||
exit(127);
|
||||
_exit(127);
|
||||
} else {
|
||||
char *name = strdup(vector[0]);
|
||||
|
||||
|
@ -17,7 +17,7 @@
|
||||
* IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* $Id: command.c,v 1.204 1999/08/02 21:45:35 brian Exp $
|
||||
* $Id: command.c,v 1.205 1999/08/05 10:32:09 brian Exp $
|
||||
*
|
||||
*/
|
||||
#include <sys/param.h>
|
||||
@ -144,7 +144,7 @@
|
||||
#define NEG_VJCOMP 53
|
||||
|
||||
const char Version[] = "2.23";
|
||||
const char VersionDate[] = "$Date: 1999/08/02 21:45:35 $";
|
||||
const char VersionDate[] = "$Date: 1999/08/05 10:32:09 $";
|
||||
|
||||
static int ShowCommand(struct cmdargs const *);
|
||||
static int TerminalCommand(struct cmdargs const *);
|
||||
@ -478,10 +478,11 @@ ShellCommand(struct cmdargs const *arg, int bg)
|
||||
_PATH_DEVNULL, strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
for (i = 0; i < 3; i++)
|
||||
dup2(fd, i);
|
||||
|
||||
fcntl(3, F_SETFD, 1); /* Set close-on-exec flag */
|
||||
dup2(fd, STDIN_FILENO);
|
||||
dup2(fd, STDOUT_FILENO);
|
||||
dup2(fd, STDERR_FILENO);
|
||||
for (i = getdtablesize(); i > STDERR_FILENO; i--)
|
||||
fcntl(i, F_SETFD, 1);
|
||||
|
||||
setuid(geteuid());
|
||||
if (arg->argc > arg->argn) {
|
||||
@ -515,7 +516,7 @@ ShellCommand(struct cmdargs const *arg, int bg)
|
||||
log_Printf(LogWARN, "exec() of %s failed: %s\n",
|
||||
arg->argc > arg->argn ? arg->argv[arg->argn] : shell,
|
||||
strerror(errno));
|
||||
exit(255);
|
||||
_exit(255);
|
||||
}
|
||||
|
||||
if (shpid == (pid_t) - 1)
|
||||
|
@ -23,7 +23,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $Id: exec.c,v 1.6 1999/06/09 08:47:36 brian Exp $
|
||||
* $Id: exec.c,v 1.7 1999/08/06 20:04:03 brian Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -103,7 +103,7 @@ exec_Create(struct physical *p)
|
||||
log_Printf(LogPHASE, "Unable to create pipe for line exec: %s\n",
|
||||
strerror(errno));
|
||||
else {
|
||||
int stat, argc;
|
||||
int stat, argc, i;
|
||||
pid_t pid, realpid;
|
||||
char *argv[MAXARGS];
|
||||
|
||||
@ -135,17 +135,19 @@ exec_Create(struct physical *p)
|
||||
_exit(127);
|
||||
}
|
||||
|
||||
fids[1] = fcntl(fids[1], F_DUPFD, 3);
|
||||
log_Printf(LogDEBUG, "Exec'ing ``%s''\n", p->name.base);
|
||||
|
||||
dup2(fids[1], STDIN_FILENO);
|
||||
dup2(fids[1], STDOUT_FILENO);
|
||||
dup2(fids[1], STDERR_FILENO);
|
||||
for (i = getdtablesize(); i > STDERR_FILENO; i--)
|
||||
fcntl(i, F_SETFD, 1);
|
||||
|
||||
log_Printf(LogDEBUG, "Exec'ing ``%s''\n", p->name.base);
|
||||
argc = MakeArgs(p->name.base, argv, VECSIZE(argv));
|
||||
command_Expand(argv, argc, (char const *const *)argv,
|
||||
p->dl->bundle, 0, realpid);
|
||||
execvp(*argv, argv);
|
||||
fprintf(stderr, "execvp failed: %s: %s\r\n", *argv, strerror(errno));
|
||||
printf("execvp failed: %s: %s\r\n", *argv, strerror(errno));
|
||||
_exit(127);
|
||||
break;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user