Commit 303fbc7c authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

Linux: create sockets with close-on-exec flag in thread-safe manner

There is a window of opportunity to leak file descriptors between
their creation and the fcntl(FD_CLOEXEC) call. If another thread forks
during this window, the descriptors will not have a the close-on-exec
flag, and get leaked after exec(). This is a limitation of POSIX.

While we're using the Linux-specific SOCK_CLOEXEC, we might as well
use SOCK_NONBLOCK, and spare ourselves the three fcntl() calls.
parent aca7ce70
...@@ -96,15 +96,29 @@ int net_SetupSocket (int fd) ...@@ -96,15 +96,29 @@ int net_SetupSocket (int fd)
int net_Socket (vlc_object_t *p_this, int family, int socktype, int net_Socket (vlc_object_t *p_this, int family, int socktype,
int protocol) int protocol)
{ {
int fd = socket (family, socktype, protocol); int fd;
#ifdef SOCK_CLOEXEC
fd = socket (family, socktype | SOCK_NONBLOCK | SOCK_CLOEXEC, protocol);
if (fd == -1 && errno == EINVAL)
#endif
{
fd = socket (family, socktype, protocol);
if (fd == -1) if (fd == -1)
{ {
if (net_errno != EAFNOSUPPORT) if (net_errno != EAFNOSUPPORT)
msg_Err (p_this, "cannot create socket: %m"); msg_Err (p_this, "cannot create socket: %m");
return -1; return -1;
} }
#ifndef WIN32
fcntl (fd, F_SETFD, FD_CLOEXEC);
fcntl (fd, F_SETFL, fcntl (fd, F_GETFL, 0) | O_NONBLOCK);
#else
ioctlsocket (fd, FIONBIO, &(unsigned long){ 1 });
#endif
}
net_SetupSocket (fd); setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &(int){ 1 }, sizeof (int));
#ifdef IPV6_V6ONLY #ifdef IPV6_V6ONLY
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment