poke-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNU poke 2.90.0 on Linux/ia64

From: Eric Blake
Subject: Re: GNU poke 2.90.0 on Linux/ia64
Date: Mon, 23 Jan 2023 14:59:20 -0600
User-agent: NeoMutt/20220429 
On Mon, Jan 23, 2023 at 01:43:10AM +0100, Bruno Haible wrote:
> 
> This is because of invalid code in usock.c.
> 
> Reading "man fcntl"
> https://pubs.opengroup.org/onlinepubs/9699919799/functions/fcntl.html
> https://man7.org/linux/man-pages/man2/fcntl.2.html
> it is clear that
>   - For changing the CLOEXEC bit of a file descriptor, one should use
>     fcntl (fd, F_SETFD, 0 or FD_CLOEXEC);

> @@ -635,15 +635,19 @@ usock_new (const char *path)
>    u->pipefd[1] = -1;
>    if (pipe (u->pipefd) == -1)
>      goto error;
> -  if (fcntl (u->pipefd[0], F_SETFL, O_NONBLOCK | O_CLOEXEC) == -1)
> +  if (fcntl (u->pipefd[0], F_SETFD, FD_CLOEXEC) == -1)

Blindly setting FD_CLOEXEC is also buggy.  The correct way to do this
is read-modify-write, similar to:

if ((flags = fcntl (u->pipefd[0], F_GETFD)) == -1 ||
    fcntl (u->pipefd[0], F_SETFD, flags | FD_CLOEXEC) == -1)
  fail...

On most systems, historically that FD_CLOEXEC is the only defined fd
flag, and thus blind setting without pre-reading happens to work.  But
POSIX is considering standardizing FD_CLOFORK as a second fd flag, at
which point the read-modify-write becomes more important to avoid bugs
in programs that utilize FD_CLOFORK.

https://www.austingroupbugs.net/view.php?id=1318

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org
reply via email to
[Prev in Thread] Current Thread [Next in Thread]