authorDavid Gibson <david@gibson.dropbear.id.au>2026-05-18 13:22:41 +1000
committerStefano Brivio <sbrivio@redhat.com>2026-05-20 01:22:17 +0200
commit1d16476b7de00bd5bd77b90955520a79bbec48e6 (patch)
tree75043d501aff616d6be87f14c9ec0a57bf7f8325
parentdb798fc60f4c5869cb53168354e068fb4dabd91a (diff)
treewide: Add SOCK_CLOEXEC to accept() calls that are missing it
Generally we try to set the O_CLOEXEC flag on every fd we create. This seems to be generally accepted security best practice these days, and we never exec(), so certainly have no need to pass fds to exec()ed processes. A handful of accept4() calls on Unix sockets are missing the SOCK_CLOEXEC flag to set this though. Add the missing flag. Signed-off-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r--repair.c5
-rw-r--r--tap.c4
2 files changed, 5 insertions, 4 deletions
diff --git a/repair.c b/repair.c
index 69c5307..3e0e3e0 100644
--- a/repair.c
+++ b/repair.c
@@ -87,7 +87,7 @@ int repair_listen_handler(struct ctx *c, uint32_t events)
/* Another client is already connected: accept and close right away. */
if (c->fd_repair != -1) {
int discard = accept4(c->fd_repair_listen, NULL, NULL,
- SOCK_NONBLOCK);
+ SOCK_NONBLOCK | SOCK_CLOEXEC);
if (discard == -1)
return errno;
@@ -99,7 +99,8 @@ int repair_listen_handler(struct ctx *c, uint32_t events)
return EEXIST;
}
- if ((c->fd_repair = accept4(c->fd_repair_listen, NULL, NULL, 0)) < 0) {
+ if ((c->fd_repair = accept4(c->fd_repair_listen, NULL, NULL,
+ SOCK_CLOEXEC)) < 0) {
rc = errno;
debug_perror("accept4() on TCP_REPAIR helper listening socket");
return rc;
diff --git a/tap.c b/tap.c
index bf0904f..e0d3ee5 100644
--- a/tap.c
+++ b/tap.c
@@ -1479,7 +1479,7 @@ void tap_listen_handler(struct ctx *c, uint32_t events)
/* Another client is already connected: accept and close right away. */
if (c->fd_tap != -1) {
int discard = accept4(c->fd_tap_listen, NULL, NULL,
- SOCK_NONBLOCK);
+ SOCK_NONBLOCK | SOCK_CLOEXEC);
if (discard == -1)
return;
@@ -1492,7 +1492,7 @@ void tap_listen_handler(struct ctx *c, uint32_t events)
return;
}
- c->fd_tap = accept4(c->fd_tap_listen, NULL, NULL, 0);
+ c->fd_tap = accept4(c->fd_tap_listen, NULL, NULL, SOCK_CLOEXEC);
if (!getsockopt(c->fd_tap, SOL_SOCKET, SO_PEERCRED, &ucred, &len))
info("accepted connection from PID %i", ucred.pid);
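Review bot: The return value of the `accept4()` assigned to `c->fd_tap` is still not checked before `getsockopt(c->fd_tap, SOL_SOCKET, SO_PEERCRED, ...)` is called on it, unlike the matching call in repair.c, which saves errno, logs and returns. If accept4() fails, getsockopt() fails on the invalid descriptor, so the "accepted connection" line is skipped without any diagnostic. The rest of tap_listen_handler lies outside this hunk and presumably carries on with `c->fd_tap` set to -1. A guard right after the call, `if (c->fd_tap < 0) return;`, ideally preceded by a `debug_perror()` as in repair.c, would make the failure visible and keep later code from using an invalid fd.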