From 56bc7b51a617f91916f0e2e1a3808598dde4e673 Mon Sep 17 00:00:00 2001 From: brian Date: Tue, 17 Aug 1999 14:59:05 +0000 Subject: [PATCH] Set the close-on-exec flag for all unused descriptors when exec()ing other programs. --- usr.sbin/ppp/chap.c | 24 ++++++++++-------------- usr.sbin/ppp/chat.c | 19 ++++++++++--------- usr.sbin/ppp/command.c | 15 ++++++++------- usr.sbin/ppp/exec.c | 12 +++++++----- 4 files changed, 35 insertions(+), 35 deletions(-) diff --git a/usr.sbin/ppp/chap.c b/usr.sbin/ppp/chap.c index f2dac18b903f..80737053abd0 100644 --- a/usr.sbin/ppp/chap.c +++ b/usr.sbin/ppp/chap.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: chap.c,v 1.52 1999/06/09 08:47:29 brian Exp $ + * $Id: chap.c,v 1.53 1999/07/15 02:02:51 brian Exp $ * * TODO: */ @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -231,30 +232,25 @@ chap_StartChild(struct chap *chap, char *prog, const char *name) timer_TermService(); close(in[1]); close(out[0]); - if (out[1] == STDIN_FILENO) { - fd = dup(out[1]); - close(out[1]); - out[1] = fd; - } + if (out[1] == STDIN_FILENO) + out[1] = dup(out[1]); dup2(in[0], STDIN_FILENO); dup2(out[1], STDOUT_FILENO); - if ((fd = open(_PATH_DEVNULL, O_RDWR)) == -1) { + close(STDERR_FILENO); + if (open(_PATH_DEVNULL, O_RDWR) != STDERR_FILENO) { log_Printf(LogALERT, "Chap: Failed to open %s: %s\n", _PATH_DEVNULL, strerror(errno)); exit(1); } - dup2(fd, STDERR_FILENO); - fcntl(3, F_SETFD, 1); /* Set close-on-exec flag */ - + for (fd = getdtablesize(); fd > STDERR_FILENO; fd--) + fcntl(fd, F_SETFD, 1); setuid(geteuid()); argc = command_Interpret(prog, strlen(prog), argv); command_Expand(nargv, argc, (char const *const *)argv, chap->auth.physical->dl->bundle, 0, pid); execvp(nargv[0], nargv); - - log_Printf(LogWARN, "exec() of %s failed: %s\n", - nargv[0], strerror(errno)); - exit(255); + printf("exec() of %s failed: %s\n", nargv[0], strerror(errno)); + _exit(255); default: close(in[0]); diff --git a/usr.sbin/ppp/chat.c b/usr.sbin/ppp/chat.c index 8819fd8eed25..08c89ccd2e40 100644 --- a/usr.sbin/ppp/chat.c +++ b/usr.sbin/ppp/chat.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: chat.c,v 1.58 1999/06/26 02:54:24 brian Exp $ + * $Id: chat.c,v 1.59 1999/06/26 02:54:36 brian Exp $ */ #include @@ -682,7 +682,7 @@ ExecStr(struct physical *physical, char *command, char *out, int olen) pid_t pid; int fids[2]; char *argv[MAXARGS], *vector[MAXARGS], *startout, *endout; - int stat, nb, argc; + int stat, nb, argc, i; log_Printf(LogCHAT, "Exec: %s\n", command); argc = MakeArgs(command, vector, VECSIZE(vector)); @@ -698,19 +698,20 @@ ExecStr(struct physical *physical, char *command, char *out, int olen) if ((pid = fork()) == 0) { close(fids[0]); timer_TermService(); - fids[1] = fcntl(fids[1], F_DUPFD, 4); + if (fids[1] == STDIN_FILENO) + fids[1] = dup(fids[1]); dup2(physical->fd, STDIN_FILENO); - dup2(STDIN_FILENO, STDOUT_FILENO); dup2(fids[1], STDERR_FILENO); + dup2(STDIN_FILENO, STDOUT_FILENO); close(3); - if (open(_PATH_TTY, O_RDWR) == 3) - fcntl(3, F_SETFD, 0); /* Clear close-on-exec flag */ - else - fcntl(3, F_SETFD, 1); /* Set close-on-exec flag */ + if (open(_PATH_TTY, O_RDWR) != 3) + open(_PATH_DEVNULL, O_RDWR); /* Leave it closed if it fails... */ + for (i = getdtablesize(); i > 3; i--) + fcntl(i, F_SETFD, 1); setuid(geteuid()); execvp(argv[0], argv); fprintf(stderr, "execvp: %s: %s\n", argv[0], strerror(errno)); - exit(127); + _exit(127); } else { char *name = strdup(vector[0]); diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c index a10cc6b6e2b3..6c37b1029bf1 100644 --- a/usr.sbin/ppp/command.c +++ b/usr.sbin/ppp/command.c @@ -17,7 +17,7 @@ * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * $Id: command.c,v 1.204 1999/08/02 21:45:35 brian Exp $ + * $Id: command.c,v 1.205 1999/08/05 10:32:09 brian Exp $ * */ #include @@ -144,7 +144,7 @@ #define NEG_VJCOMP 53 const char Version[] = "2.23"; -const char VersionDate[] = "$Date: 1999/08/02 21:45:35 $"; +const char VersionDate[] = "$Date: 1999/08/05 10:32:09 $"; static int ShowCommand(struct cmdargs const *); static int TerminalCommand(struct cmdargs const *); @@ -478,10 +478,11 @@ ShellCommand(struct cmdargs const *arg, int bg) _PATH_DEVNULL, strerror(errno)); exit(1); } - for (i = 0; i < 3; i++) - dup2(fd, i); - - fcntl(3, F_SETFD, 1); /* Set close-on-exec flag */ + dup2(fd, STDIN_FILENO); + dup2(fd, STDOUT_FILENO); + dup2(fd, STDERR_FILENO); + for (i = getdtablesize(); i > STDERR_FILENO; i--) + fcntl(i, F_SETFD, 1); setuid(geteuid()); if (arg->argc > arg->argn) { @@ -515,7 +516,7 @@ ShellCommand(struct cmdargs const *arg, int bg) log_Printf(LogWARN, "exec() of %s failed: %s\n", arg->argc > arg->argn ? arg->argv[arg->argn] : shell, strerror(errno)); - exit(255); + _exit(255); } if (shpid == (pid_t) - 1) diff --git a/usr.sbin/ppp/exec.c b/usr.sbin/ppp/exec.c index c838800b7d5a..19e74bd4270e 100644 --- a/usr.sbin/ppp/exec.c +++ b/usr.sbin/ppp/exec.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: exec.c,v 1.6 1999/06/09 08:47:36 brian Exp $ + * $Id: exec.c,v 1.7 1999/08/06 20:04:03 brian Exp $ */ #include @@ -103,7 +103,7 @@ exec_Create(struct physical *p) log_Printf(LogPHASE, "Unable to create pipe for line exec: %s\n", strerror(errno)); else { - int stat, argc; + int stat, argc, i; pid_t pid, realpid; char *argv[MAXARGS]; @@ -135,17 +135,19 @@ exec_Create(struct physical *p) _exit(127); } - fids[1] = fcntl(fids[1], F_DUPFD, 3); + log_Printf(LogDEBUG, "Exec'ing ``%s''\n", p->name.base); + dup2(fids[1], STDIN_FILENO); dup2(fids[1], STDOUT_FILENO); dup2(fids[1], STDERR_FILENO); + for (i = getdtablesize(); i > STDERR_FILENO; i--) + fcntl(i, F_SETFD, 1); - log_Printf(LogDEBUG, "Exec'ing ``%s''\n", p->name.base); argc = MakeArgs(p->name.base, argv, VECSIZE(argv)); command_Expand(argv, argc, (char const *const *)argv, p->dl->bundle, 0, realpid); execvp(*argv, argv); - fprintf(stderr, "execvp failed: %s: %s\r\n", *argv, strerror(errno)); + printf("execvp failed: %s: %s\r\n", *argv, strerror(errno)); _exit(127); break;