diff options
| author |   rzalamena <rzalamena@openbsd.org> | 2016-10-05 17:13:53 +0000 |
|---|---|---|
| committer | rzalamena <rzalamena@openbsd.org> | 2016-10-05 17:13:53 +0000 |
| commit | 2584ffbfe8e69581e0985a78488cb99162c85ba8 (patch) | |
| tree | 6dbe85fe36fb04d3a86613030ccb68281d62eab4 | |
| parent | Call setsid() to create a new session for the executed processes. (diff) | |
| download | wireguard-openbsd-2584ffbfe8e69581e0985a78488cb99162c85ba8.tar.xz wireguard-openbsd-2584ffbfe8e69581e0985a78488cb99162c85ba8.zip | |
Check if oldd == newd before dup2(), if that is the case we need to remove
the CLOEXEC flag ourselves.
ok bluhm@, deraadt@
| -rw-r--r-- | usr.sbin/httpd/proc.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/usr.sbin/httpd/proc.c b/usr.sbin/httpd/proc.c index ff3f443df87..3b7c43e7ce2 100644 --- a/usr.sbin/httpd/proc.c +++ b/usr.sbin/httpd/proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: proc.c,v 1.29 2016/10/05 17:09:59 reyk Exp $ */ +/* $OpenBSD: proc.c,v 1.30 2016/10/05 17:13:53 rzalamena Exp $ */ /* * Copyright (c) 2010 - 2016 Reyk Floeter <reyk@openbsd.org> @@ -22,6 +22,7 @@ #include <sys/socket.h> #include <sys/wait.h> +#include <fcntl.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> @@ -135,7 +136,12 @@ proc_exec(struct privsep *ps, struct privsep_proc *procs, unsigned int nproc, fatal("setsid"); /* Prepare parent socket. */ - dup2(fd, PROC_PARENT_SOCK_FILENO); + if (fd != PROC_PARENT_SOCK_FILENO) { + if (dup2(fd, PROC_PARENT_SOCK_FILENO) + == -1) + fatal("dup2"); + } else if (fcntl(fd, F_SETFD, 0) == -1) + fatal("fcntl"); execvp(argv[0], nargv); fatal("%s: execvp", __func__); |