diff options
author | Lorenzo Colitti <lorenzo@google.com> | 2017-08-28 18:17:56 +0900 |
---|---|---|
committer | Lorenzo Colitti <lorenzo@google.com> | 2017-09-05 11:55:10 +0900 |
commit | acf3811db19d6b281d79839b75597d86fe573ecb (patch) | |
tree | 9285faa975cf9680133d0baadc1c610338c5ff41 | |
parent | c486e622c8389e56603ca05b612e2ad1e72bdf02 (diff) | |
download | netd-acf3811db19d6b281d79839b75597d86fe573ecb.tar.gz |
Open iptables-restore pipes with O_CLOEXEC.
This improves security and reliability, and also avoids keeping
superflous fds open in iptables-restore processes: the pipe fds
that are dup2()d are never closed.
Bug: 28362720
Test: bullhead builds, boots
Test: netd_{unit,integration}_test pass
(cherry picked from commit cd0fa850d8cd05310be9b49750455dfd2e1802b0)
Change-Id: I1ec6953327d889eb1948b2a10e532304b308e516
-rw-r--r-- | server/IptablesRestoreController.cpp | 16 |
1 files changed, 3 insertions, 13 deletions
diff --git a/server/IptablesRestoreController.cpp b/server/IptablesRestoreController.cpp index 37b94bf4..88d88f64 100644 --- a/server/IptablesRestoreController.cpp +++ b/server/IptablesRestoreController.cpp @@ -143,9 +143,9 @@ IptablesProcess* IptablesRestoreController::forkAndExec(const IptablesProcessTyp int stdout_pipe[2]; int stderr_pipe[2]; - if (pipe2(stdin_pipe, 0) == -1 || - pipe2(stdout_pipe, O_NONBLOCK) == -1 || - pipe2(stderr_pipe, O_NONBLOCK) == -1) { + if (pipe2(stdin_pipe, O_CLOEXEC) == -1 || + pipe2(stdout_pipe, O_NONBLOCK | O_CLOEXEC) == -1 || + pipe2(stderr_pipe, O_NONBLOCK | O_CLOEXEC) == -1) { ALOGE("pipe2() failed: %s", strerror(errno)); return nullptr; @@ -161,16 +161,6 @@ IptablesProcess* IptablesRestoreController::forkAndExec(const IptablesProcessTyp if (child_pid.value() == 0) { // The child process. Reads from stdin, writes to stderr and stdout. - // stdin_pipe[1] : The write end of the stdin pipe. - // stdout_pipe[0] : The read end of the stdout pipe. - // stderr_pipe[0] : The read end of the stderr pipe. - if (close(stdin_pipe[1]) == -1 || - close(stdout_pipe[0]) == -1 || - close(stderr_pipe[0]) == -1) { - - ALOGW("close() failed: %s", strerror(errno)); - } - // stdin_pipe[0] : The read end of the stdin pipe. // stdout_pipe[1] : The write end of the stdout pipe. // stderr_pipe[1] : The write end of the stderr pipe. |