From e2700c76381a173a419aecc210d46944cd7be1d1 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Tue, 14 Dec 2021 13:36:26 -0600
Subject: [PATCH] gspawn: fix hangs when duping child_err_report_fd

In case child_err_report_fd conflicts with one of the target_fds, the
code here is careful to dup child_err_report_fd in order to avoid
conflating the two. It was a good idea, but evidently was not tested,
because the newly-created fd is not created with CLOEXEC set. This means
it stays open in the child process, causing the parent to hang forever
waiting to read from the other end of the pipe. Oops!

The fix is simple: just set CLOEXEC. This removes our only usage of the
safe_dup() function, so it can be dropped.

Fixes #2506
---
 glib/gspawn.c | 16 +---------------
 1 file changed, 1 insertion(+), 15 deletions(-)

diff --git a/glib/gspawn.c b/glib/gspawn.c
index 9c65d9d92..0deeda8cc 100644
--- a/glib/gspawn.c
+++ b/glib/gspawn.c
@@ -1588,20 +1588,6 @@ safe_closefrom (int lowfd)
 #endif
 }
 
-/* This function is called between fork() and exec() and hence must be
- * async-signal-safe (see signal-safety(7)). */
-static gint
-safe_dup (gint fd)
-{
-  gint ret;
-
-  do
-    ret = dup (fd);
-  while (ret < 0 && (errno == EINTR || errno == EBUSY));
-
-  return ret;
-}
-
 /* This function is called between fork() and exec() and hence must be
  * async-signal-safe (see signal-safety(7)). */
 static gint
@@ -1795,7 +1781,7 @@ do_exec (gint                  child_err_report_fd,
           else
             {
               if (target_fds[i] == child_err_report_fd)
-                child_err_report_fd = safe_dup (child_err_report_fd);
+                child_err_report_fd = dupfd_cloexec (child_err_report_fd);
 
               safe_dup2 (source_fds[i], target_fds[i]);
               close_and_invalidate (&source_fds[i]);