From b4f56dd4c6483933d06b382ab4e4a956b238f783 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Sat, 20 Nov 2010 01:24:30 -0500 Subject: Obviate need for doing a CLOEXEC on pipes: just close them before exec --- src/common/util.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/src/common/util.c b/src/common/util.c index efa0335012..421da3560c 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -2986,7 +2986,7 @@ tor_spawn_background(const char *const filename, int *stdout_read, child_state = CHILD_STATE_REDIRECT; /* Link stdin to /dev/null */ - fd = open("/dev/null", O_RDONLY); + fd = open("/dev/null", O_RDONLY); /* NOT cloexec, obviously. */ if (fd != -1) dup2(STDIN_FILENO, fd); else @@ -2994,11 +2994,18 @@ tor_spawn_background(const char *const filename, int *stdout_read, child_state = CHILD_STATE_CLOSEFD; + close(stderr_pipe[0]); + close(stderr_pipe[1]); + close(stdout_pipe[0]); + close(stdout_pipe[1]); + close(fd); + /* Close all other fds, including the read end of the pipe */ - /* XXX: use closefrom if available, or better still set FD_CLOEXEC - on all of Tor's open files */ - for (fd = STDERR_FILENO + 1; fd < max_fd; fd++) + /* XXX: We should now be doing enough FD_CLOEXEC setting to make + * this needless. */ + for (fd = STDERR_FILENO + 1; fd < max_fd; fd++) { close(fd); + } child_state = CHILD_STATE_EXEC; -- cgit v1.2.3-54-g00ecf