Set close-on-exec file for file inputs

We don't want to leak descriptors to child PROCESSES (!= threads) such as the pseudo-CGI interface. The socket wrappers ahve already been doing that for a while. Unfortunately, there are still many "leaks", through underlying libraries, opendir(), fopen(), etc. And then, this is not thread-safe (we leak if another thread calls fork() between open() and fcntl()). This is a well-known limitation in POSIX anyway.

Set close-on-exec file for file inputs
We don't want to leak descriptors to child PROCESSES (!= threads) such as the pseudo-CGI interface. The socket wrappers ahve already been doing that for a while. Unfortunately, there are still many "leaks", through underlying libraries, opendir(), fopen(), etc. And then, this is not thread-safe (we leak if another thread calls fork() between open() and fcntl()). This is a well-known limitation in POSIX anyway.
90ba04f4 · Rémi Denis-Courmont · e95a471c · 90ba04f4 · 90ba04f4
Commit 90ba04f4 authored Oct 11, 2008 by Rémi Denis-Courmont
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

modules/access/file.c modules/access/file.c +1 -0

modules/access/mmap.c modules/access/mmap.c +1 -0

No files found.
--- a/modules/access/file.c
+++ b/modules/access/file.c
@@ -349,6 +349,7 @@ static int open_file (access_t *p_access, const char *path)
                        _("VLC could not open the file \"%s\"."), path);
        return -1;
    }
+    fcntl (fd, F_SETFD, fcntl (fd, F_GETFD) | FD_CLOEXEC);

 #if defined(HAVE_FCNTL_H)
    /* We'd rather use any available memory for reading ahead

--- a/modules/access/mmap.c
+++ b/modules/access/mmap.c
@@ -104,6 +104,7 @@ static int Open (vlc_object_t *p_this)
        msg_Warn (p_access, "cannot open %s: %m", path);
        goto error;
    }
+    fcntl (fd, F_SETFD, fcntl (fd, F_GETFD) | FD_CLOEXEC);

    /* mmap() is only safe for regular and block special files.
     * For other types, it may be some idiosyncrasic interface (e.g. packet