Accepting request 90162 from home:elvigia:branches:Base:System

- libmagic: use O_CLOEXEC where needed, as there is no warranty 
  that calling applications will not fork() and we end up leaking 
  file descriptors to their child processes.

OBS-URL: https://build.opensuse.org/request/show/90162
OBS-URL: https://build.opensuse.org/package/show/Base:System/file?expand=0&rev=36
This commit is contained in:
Cristian Rodríguez 2011-11-05 20:03:46 +00:00 committed by Git OBS Bridge
parent 3378b68bdf
commit 66fb49e662
3 changed files with 72 additions and 1 deletions

62
file-ocloexec.patch Normal file
View File

@ -0,0 +1,62 @@
--- src/compress.c.orig
+++ src/compress.c
@@ -256,7 +256,7 @@ file_pipe2file(struct magic_set *ms, int
errno = r;
}
#else
- tfd = mkstemp(buf);
+ tfd = mkostemp(buf, O_CLOEXEC);
te = errno;
(void)unlink(buf);
errno = te;
--- src/apprentice.c.orig
+++ src/apprentice.c
@@ -676,7 +676,7 @@ load_1(struct magic_set *ms, int action,
char *line = NULL;
ssize_t len;
- FILE *f = fopen(ms->file = fn, "r");
+ FILE *f = fopen(ms->file = fn, "re");
if (f == NULL) {
if (errno != ENOENT)
file_error(ms, errno, "cannot read magic file `%s'",
@@ -2226,7 +2226,7 @@ apprentice_map(struct magic_set *ms, str
if (dbname == NULL)
goto error2;
- if ((fd = open(dbname, O_RDONLY|O_BINARY)) == -1)
+ if ((fd = open(dbname, O_RDONLY|O_BINARY|O_CLOEXEC)) == -1)
goto error2;
if (fstat(fd, &st) == -1) {
@@ -2324,7 +2324,7 @@ apprentice_compile(struct magic_set *ms,
if (dbname == NULL)
goto out;
- if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0644)) == -1) {
+ if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY|O_CLOEXEC, 0644)) == -1) {
file_error(ms, errno, "cannot open `%s'", dbname);
goto out;
}
--- src/magic.c.orig
+++ src/magic.c
@@ -411,7 +411,7 @@ file_or_fd(struct magic_set *ms, const c
if (fstat(fd, &sb) == 0 && S_ISFIFO(sb.st_mode))
ispipe = 1;
} else {
- int flags = O_RDONLY|O_BINARY;
+ int flags = O_RDONLY|O_BINARY|O_CLOEXEC;
if (stat(inname, &sb) == 0 && S_ISFIFO(sb.st_mode)) {
#ifdef O_NONBLOCK
--- src/file.c.orig
+++ src/file.c
@@ -385,7 +385,7 @@ unwrap(struct magic_set *ms, const char
f = stdin;
wid = 1;
} else {
- if ((f = fopen(fn, "r")) == NULL) {
+ if ((f = fopen(fn, "re")) == NULL) {
(void)fprintf(stderr, "%s: Cannot open `%s' (%s).\n",
progname, fn, strerror(errno));
return 1;

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Sat Nov 5 18:37:25 UTC 2011 - crrodriguez@opensuse.org
- libmagic: use O_CLOEXEC where needed, as there is no warranty
that calling applications will not fork() and we end up leaking
file descriptors to their child processes.
------------------------------------------------------------------- -------------------------------------------------------------------
Sat Oct 1 05:39:05 UTC 2011 - coolo@suse.com Sat Oct 1 05:39:05 UTC 2011 - coolo@suse.com

View File

@ -58,6 +58,7 @@ Patch29: file-5.07-llvm.dif
Patch30: file-5.07-visibility.patch Patch30: file-5.07-visibility.patch
Patch31: file-5.07-biorad.dif Patch31: file-5.07-biorad.dif
Patch32: file-5.07-clicfs.dif Patch32: file-5.07-clicfs.dif
Patch33: file-ocloexec.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%global _sysconfdir /etc %global _sysconfdir /etc
%global _miscdir %{_datadir}/misc %global _miscdir %{_datadir}/misc
@ -107,6 +108,7 @@ to develop applications that require the magic "file" interface.
%patch31 -p0 -b .biorad %patch31 -p0 -b .biorad
%patch32 -p0 -b .clicfs %patch32 -p0 -b .clicfs
%patch -b .0 %patch -b .0
%patch33
%build %build
export LANG=POSIX export LANG=POSIX
@ -115,7 +117,7 @@ rm -f Magdir/*,v Magdir/*~
rm -f ltcf-c.sh ltconfig ltmain.sh rm -f ltcf-c.sh ltconfig ltmain.sh
autoreconf -fiv autoreconf -fiv
CFLAGS="$RPM_OPT_FLAGS -DHOWMANY=69632" CFLAGS="$RPM_OPT_FLAGS -DHOWMANY=69632"
%configure --datadir=%{_miscdir} --disable-static --with-pic --enable-fsect-man5 %configure --disable-silent-rules --datadir=%{_miscdir} --disable-static --with-pic --enable-fsect-man5
%{__make} %{?_smp_mflags} pkgdatadir='$(datadir)' %{__make} %{?_smp_mflags} pkgdatadir='$(datadir)'
%if 0%{?build_python_bindings:1} %if 0%{?build_python_bindings:1}
pushd python pushd python