diff options
author | François Degros <fdegros@chromium.org> | 2019-10-01 12:06:42 +1000 |
---|---|---|
committer | François Degros <fdegros@chromium.org> | 2019-10-17 16:32:51 +1100 |
commit | a8be2c42e3028b7a68ad6f993dfdd44054bdad39 (patch) | |
tree | d130fb6b2b27fe9efc4b6a701453b6aa3e0de7c7 /system.c | |
parent | 47e63358c05accc13dd37e604ae9c990eb2b7608 (diff) | |
download | minijail-a8be2c42e3028b7a68ad6f993dfdd44054bdad39.tar.gz |
Close original pipe end after dup2 in child process
This avoids "leaking" duplicated file descriptors in the child process.
This also allows the child process to signal the end of its processing
by closing its stdout and stderr. This can now be reliably detected by
the parent process, if needed.
Bug: chromium:1009857
Test: Unit tests pass
Change-Id: Ie1cd4ff9e95f18e423df007f88bfff34456346f3
Diffstat (limited to 'system.c')
-rw-r--r-- | system.c | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -222,14 +222,17 @@ int setup_pipe_end(int fds[2], size_t index) return fds[index]; } -int setup_and_dupe_pipe_end(int fds[2], size_t index, int fd) +int dupe_and_close_fd(int fds[2], size_t index, int fd) { if (index > 1) return -1; - close(fds[1 - index]); /* dup2(2) the corresponding end of the pipe into |fd|. */ - return dup2(fds[index], fd); + fd = dup2(fds[index], fd); + + close(fds[0]); + close(fds[1]); + return fd; } int write_pid_to_path(pid_t pid, const char *path) |