diff options
| author | Jacques Vidrine <nectar@FreeBSD.org> | 2002-09-13 15:09:07 +0000 |
|---|---|---|
| committer | Jacques Vidrine <nectar@FreeBSD.org> | 2002-09-13 15:09:07 +0000 |
| commit | 2b2eecab95dab2db341ae64aaa28228ef1895e6a (patch) | |
| tree | d3fa52160766f13b367533fc8e4a0cfb4dd2ad6e | |
| parent | 2d0dd19176c56c0d7c8d0457e173d1273133a5a4 (diff) | |
| download | src-2b2eecab95dab2db341ae64aaa28228ef1895e6a.tar.gz src-2b2eecab95dab2db341ae64aaa28228ef1895e6a.zip | |
MFC src/lib/libkvm/kvm.c 1.23: mark file descriptors close-on-exec.
Notes
Notes:
svn path=/releng/4.5/; revision=103292
| -rw-r--r-- | UPDATING | 5 | ||||
| -rw-r--r-- | lib/libkvm/kvm.c | 12 | ||||
| -rw-r--r-- | sys/conf/newvers.sh | 2 |
3 files changed, 18 insertions, 1 deletions
@@ -18,6 +18,11 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20020911: p20 + The kvm_openfiles/kvm_open functions now mark the returned file + descriptors close-on-exec in case set-user-ID/set-group-ID + applications are careless. + 20020813: p19 FreeBSD-SA-02:38.signed-error Bounds checking errors in accept(), getsockname(), getpeername(), and a VESA ioctl() command were corrected. diff --git a/lib/libkvm/kvm.c b/lib/libkvm/kvm.c index d4a7645857e9..e7bde960d3ea 100644 --- a/lib/libkvm/kvm.c +++ b/lib/libkvm/kvm.c @@ -206,6 +206,10 @@ _kvm_open(kd, uf, mf, flag, errout) _kvm_syserr(kd, kd->program, "%s", mf); goto failed; } + if (fcntl(kd->pmfd, F_SETFD, FD_CLOEXEC) < 0) { + _kvm_syserr(kd, kd->program, "%s", mf); + goto failed; + } if (S_ISCHR(st.st_mode)) { /* * If this is a character special device, then check that @@ -224,6 +228,10 @@ _kvm_open(kd, uf, mf, flag, errout) _kvm_syserr(kd, kd->program, "%s", _PATH_KMEM); goto failed; } + if (fcntl(kd->vmfd, F_SETFD, FD_CLOEXEC) < 0) { + _kvm_syserr(kd, kd->program, "%s", _PATH_KMEM); + goto failed; + } } } else { /* @@ -235,6 +243,10 @@ _kvm_open(kd, uf, mf, flag, errout) _kvm_syserr(kd, kd->program, "%s", uf); goto failed; } + if (fcntl(kd->nlfd, F_SETFD, FD_CLOEXEC) < 0) { + _kvm_syserr(kd, kd->program, "%s", uf); + goto failed; + } if (_kvm_initvtop(kd) < 0) goto failed; } diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 743009d19635..e2213255a4f7 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -36,7 +36,7 @@ TYPE="FreeBSD" REVISION="4.5" -BRANCH="RELEASE-p19" +BRANCH="RELEASE-p20" RELEASE="${REVISION}-${BRANCH}" VERSION="${TYPE} ${RELEASE}" |