thodg/got

Browse

Commit e7ae0bafeffce6697bc3b67fda753e5bac995cb6

Stefan Sperling 2021-12-31T09:11:22

add O_CLOEXEC (close-on-exec) to openat(2) calls suggested by millert ok thomas_adam 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131

diff --git a/got/got.c b/got/got.c
index 49c56bc..0b61ca9 100644
--- a/got/got.c
+++ b/got/got.c
@@ -4435,7 +4435,8 @@ print_diff(void *arg, unsigned char status, unsigned char staged_status,
 		}
 
 		if (dirfd != -1) {
-			fd = openat(dirfd, de_name, O_RDONLY | O_NOFOLLOW);
+			fd = openat(dirfd, de_name,
+			    O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
 			if (fd == -1) {
 				if (!got_err_open_nofollow_on_symlink()) { 
 					err = got_error_from_errno2("openat",
diff --git a/lib/fileindex.c b/lib/fileindex.c
index 91a35e4..60539f2 100644
--- a/lib/fileindex.c
+++ b/lib/fileindex.c
@@ -1059,7 +1059,7 @@ walk_dir(struct got_pathlist_entry **next, struct got_fileindex *fileindex,
 		}
 
 		subdirfd = openat(fd, de->d_name,
-		    O_RDONLY | O_NOFOLLOW | O_DIRECTORY);
+		    O_RDONLY | O_NOFOLLOW | O_DIRECTORY | O_CLOEXEC);
 		if (subdirfd == -1) {
 			if (errno == EACCES) {
 				*next = TAILQ_NEXT(dle, entry);
diff --git a/lib/lockfile.c b/lib/lockfile.c
index 7d5db03..e1a1870 100644
--- a/lib/lockfile.c
+++ b/lib/lockfile.c
@@ -55,7 +55,7 @@ got_lockfile_lock(struct got_lockfile **lf, const char *path, int dir_fd)
 	do {
 		if (dir_fd != -1) {
 			(*lf)->fd = openat(dir_fd, (*lf)->path,
-			    O_RDONLY | O_CREAT | O_EXCL | O_EXLOCK,
+			    O_RDONLY | O_CREAT | O_EXCL | O_EXLOCK | O_CLOEXEC,
 			    GOT_DEFAULT_FILE_MODE);
 		} else {
 			(*lf)->fd = open((*lf)->path,
diff --git a/lib/pack.c b/lib/pack.c
index b29f6d2..cda2a94 100644
--- a/lib/pack.c
+++ b/lib/pack.c
@@ -368,7 +368,7 @@ got_packidx_open(struct got_packidx **packidx,
 		goto done;
 	}
 
-	p->fd = openat(dir_fd, relpath, O_RDONLY | O_NOFOLLOW);
+	p->fd = openat(dir_fd, relpath, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
 	if (p->fd == -1) {
 		err = got_error_from_errno2("openat", relpath);
 		free(p);
diff --git a/lib/repository.c b/lib/repository.c
index 76be29a..41da7b1 100644
--- a/lib/repository.c
+++ b/lib/repository.c
@@ -1125,7 +1125,7 @@ got_repo_search_packidx(struct got_packidx **packidx, int *idx,
 	/* No luck. Search the filesystem. */
 
 	packdir_fd = openat(got_repo_get_fd(repo),
-	    GOT_OBJECTS_PACK_DIR, O_DIRECTORY);
+	    GOT_OBJECTS_PACK_DIR, O_DIRECTORY | O_CLOEXEC);
 	if (packdir_fd == -1) {
 		if (errno == ENOENT)
 			err = got_error_no_obj(id);
@@ -1233,7 +1233,8 @@ open_packfile(int *fd, struct got_repository *repo,
 {
 	const struct got_error *err = NULL;
 
-	*fd = openat(got_repo_get_fd(repo), relpath, O_RDONLY | O_NOFOLLOW);
+	*fd = openat(got_repo_get_fd(repo), relpath,
+	    O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
 	if (*fd == -1)
 		return got_error_from_errno_fmt("openat: %s/%s",
 		    got_repo_get_path_git_dir(repo), relpath);
@@ -1407,7 +1408,7 @@ match_packed_object(struct got_object_id **unique_id,
 	STAILQ_INIT(&matched_ids);
 
 	packdir_fd = openat(got_repo_get_fd(repo),
-	    GOT_OBJECTS_PACK_DIR, O_DIRECTORY);
+	    GOT_OBJECTS_PACK_DIR, O_DIRECTORY | O_CLOEXEC);
 	if (packdir_fd == -1) {
 		if (errno != ENOENT)
 			err = got_error_from_errno2("openat", GOT_OBJECTS_PACK_DIR);
diff --git a/lib/repository_admin.c b/lib/repository_admin.c
index 3eb6c06..4e1253b 100644
--- a/lib/repository_admin.c
+++ b/lib/repository_admin.c
@@ -1215,7 +1215,7 @@ got_repo_remove_lonely_packidx(struct got_repository *repo, int dry_run,
 	struct stat sb;
 
 	packdir_fd = openat(got_repo_get_fd(repo),
-	    GOT_OBJECTS_PACK_DIR, O_DIRECTORY);
+	    GOT_OBJECTS_PACK_DIR, O_DIRECTORY | O_CLOEXEC);
 	if (packdir_fd == -1) {
 		if (errno == ENOENT)
 			return NULL;
diff --git a/lib/worktree.c b/lib/worktree.c
index 213daba..87959af 100644
--- a/lib/worktree.c
+++ b/lib/worktree.c
@@ -1717,7 +1717,7 @@ get_file_status(unsigned char *status, struct stat *sb,
 	}
 
 	if (dirfd != -1) {
-		fd = openat(dirfd, de_name, O_RDONLY | O_NOFOLLOW);
+		fd = openat(dirfd, de_name, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
 		if (fd == -1) {
 			err = got_error_from_errno2("openat", abspath);
 			goto done;
@@ -3460,7 +3460,8 @@ add_ignores(struct got_pathlist_head *ignores, const char *root_path,
 		return got_error_from_errno("asprintf");
 
 	if (dirfd != -1) {
-		fd = openat(dirfd, ignores_filename, O_RDONLY | O_NOFOLLOW);
+		fd = openat(dirfd, ignores_filename,
+		    O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
 		if (fd == -1) {
 			if (errno != ENOENT && errno != EACCES)
 				err = got_error_from_errno2("openat",
@@ -4356,7 +4357,8 @@ create_patched_content(char **path_outfile, int reverse_patch,
 		return err;
 
 	if (dirfd2 != -1) {
-		fd2 = openat(dirfd2, de_name2, O_RDONLY | O_NOFOLLOW);
+		fd2 = openat(dirfd2, de_name2,
+		    O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
 		if (fd2 == -1) {
 			if (!got_err_open_nofollow_on_symlink()) {
 				err = got_error_from_errno2("openat", path2);
kmx.io     mail     discord kmxgit v0.4.0