allocator_thread.c: set O_CLOEXEC/FD_CLOEXEC for pipes, fix #273.

In proxychains, we create pipes and use them internally. If exec() is called by the program we run, the pipes opened previously are never closed, causing a file descriptor leak may eventually crash the program. This commit calls fcntl() to set FD_CLOEXEC flags on pipes. AFAIK there's no race condition on pipe creation, but we still prefer to call the newer pipe2() with O_CLOEXEC if it's supported by the system, due to its advantage of atomic operation, which prevents potential race conditions in the future. Signed-off-by: Tom Li <tomli@tomli.me>
2025-11-04 09:06:05 +00:00 · 2018-12-25 23:22:48 +08:00
parent db5cd6b699
commit 11988579f5
1 changed files with 12 additions and 1 deletions
--- a/src/allocator_thread.c
+++ b/src/allocator_thread.c
@@ -309,7 +309,18 @@ size_t at_get_host_for_ip(ip_type4 ip, char* readbuf) {


 static void initpipe(int* fds) {
-	if(pipe(fds) == -1) {
+	int retval;
+
+#ifdef HAVE_PIPE2
+	retval = pipe2(fds, O_CLOEXEC);
+#else
+	retval = pipe(fds);
+	if(retval == 0) {
+		fcntl(fds[0], F_SETFD, FD_CLOEXEC);
+		fcntl(fds[1], F_SETFD, FD_CLOEXEC);
+	}
+#endif
+	if(retval == -1) {
 		perror("pipe");
 		exit(1);
 	}