--- src/apprentice.c | 6 +++--- src/compress.c | 2 +- src/file.c | 2 +- src/magic.c | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) --- src/apprentice.c +++ src/apprentice.c 2017-09-13 10:32:02.149905845 +0000 @@ -1146,7 +1146,7 @@ load_1(struct magic_set *ms, int action, ssize_t len; struct magic_entry me; - FILE *f = fopen(ms->file = fn, "r"); + FILE *f = fopen(ms->file = fn, "re"); if (f == NULL) { if (errno != ENOENT) file_error(ms, errno, "cannot read magic file `%s'", @@ -3032,7 +3032,7 @@ apprentice_map(struct magic_set *ms, con if (dbname == NULL) goto error; - if ((fd = open(dbname, O_RDONLY|O_BINARY)) == -1) + if ((fd = open(dbname, O_RDONLY|O_BINARY|O_CLOEXEC)) == -1) goto error; if (fstat(fd, &st) == -1) { @@ -3169,7 +3169,7 @@ apprentice_compile(struct magic_set *ms, if (dbname == NULL) goto out; - if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0644)) == -1) + if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY|O_CLOEXEC, 0644)) == -1) { file_error(ms, errno, "cannot open `%s'", dbname); goto out; --- src/compress.c +++ src/compress.c 2017-09-13 10:32:02.149905845 +0000 @@ -394,7 +394,7 @@ file_pipe2file(struct magic_set *ms, int #else { int te; - tfd = mkstemp(buf); + tfd = mkostemp(buf, O_CLOEXEC); te = errno; (void)unlink(buf); errno = te; --- src/file.c +++ src/file.c 2017-09-13 10:32:02.149905845 +0000 @@ -471,7 +471,7 @@ unwrap(struct magic_set *ms, const char f = stdin; wid = 1; } else { - if ((f = fopen(fn, "r")) == NULL) { + if ((f = fopen(fn, "re")) == NULL) { (void)fprintf(stderr, "%s: Cannot open `%s' (%s).\n", progname, fn, strerror(errno)); return 1; --- src/magic.c +++ src/magic.c 2017-09-13 10:32:02.149905845 +0000 @@ -442,7 +442,7 @@ file_or_fd(struct magic_set *ms, const c else pos = lseek(fd, (off_t)0, SEEK_CUR); } else { - int flags = O_RDONLY|O_BINARY; + int flags = O_RDONLY|O_BINARY|O_CLOEXEC; int okstat = stat(inname, &sb) == 0; if (okstat && S_ISFIFO(sb.st_mode)) {