projects / musl / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 85e0e35)
fail posix_spawn file_actions operations with negative fds
authorRich Felker <dalias@aerifal.cx>
Sat, 30 Jan 2021 21:09:22 +0000 (16:09 -0500)
committerRich Felker <dalias@aerifal.cx>
Sat, 30 Jan 2021 21:09:22 +0000 (16:09 -0500)
these functions are specified to fail with EBADF on negative fd
arguments. apart from close, they are also specified to fail if the
value exceeds OPEN_MAX, but as written it is not clear that this
imposes any requirement when OPEN_MAX is not defined, and it's
undesirable to impose a dynamic limit (via setrlimit) here since the
limit at the time of posix_spawn may be different from the limit at
the time of setting up the file actions. this may require revisiting
later.

src/process/posix_spawn_file_actions_addclose.c patch | blob | history
src/process/posix_spawn_file_actions_adddup2.c patch | blob | history
src/process/posix_spawn_file_actions_addfchdir.c patch | blob | history
src/process/posix_spawn_file_actions_addopen.c patch | blob | history

diff --git a/src/process/posix_spawn_file_actions_addclose.c b/src/process/posix_spawn_file_actions_addclose.c
index cdda597..0c2ef8f 100644 (file)
--- a/src/process/posix_spawn_file_actions_addclose.c
+++ b/src/process/posix_spawn_file_actions_addclose.c
@@ -5,6 +5,7 @@
 
 int posix_spawn_file_actions_addclose(posix_spawn_file_actions_t *fa, int fd)
 {
+       if (fd < 0) return EBADF;
        struct fdop *op = malloc(sizeof *op);
        if (!op) return ENOMEM;
        op->cmd = FDOP_CLOSE;
diff --git a/src/process/posix_spawn_file_actions_adddup2.c b/src/process/posix_spawn_file_actions_adddup2.c
index 0367498..addca4d 100644 (file)
--- a/src/process/posix_spawn_file_actions_adddup2.c
+++ b/src/process/posix_spawn_file_actions_adddup2.c
@@ -5,6 +5,7 @@
 
 int posix_spawn_file_actions_adddup2(posix_spawn_file_actions_t *fa, int srcfd, int fd)
 {
+       if (srcfd < 0 || fd < 0) return EBADF;
        struct fdop *op = malloc(sizeof *op);
        if (!op) return ENOMEM;
        op->cmd = FDOP_DUP2;
diff --git a/src/process/posix_spawn_file_actions_addfchdir.c b/src/process/posix_spawn_file_actions_addfchdir.c
index 436c683..e89ede8 100644 (file)
--- a/src/process/posix_spawn_file_actions_addfchdir.c
+++ b/src/process/posix_spawn_file_actions_addfchdir.c
@@ -6,6 +6,7 @@
 
 int posix_spawn_file_actions_addfchdir_np(posix_spawn_file_actions_t *fa, int fd)
 {
+       if (fd < 0) return EBADF;
        struct fdop *op = malloc(sizeof *op);
        if (!op) return ENOMEM;
        op->cmd = FDOP_FCHDIR;
diff --git a/src/process/posix_spawn_file_actions_addopen.c b/src/process/posix_spawn_file_actions_addopen.c
index 368922c..82bbcec 100644 (file)
--- a/src/process/posix_spawn_file_actions_addopen.c
+++ b/src/process/posix_spawn_file_actions_addopen.c
@@ -6,6 +6,7 @@
 
 int posix_spawn_file_actions_addopen(posix_spawn_file_actions_t *restrict fa, int fd, const char *restrict path, int flags, mode_t mode)
 {
+       if (fd < 0) return EBADF;
        struct fdop *op = malloc(sizeof *op + strlen(path) + 1);
        if (!op) return ENOMEM;
        op->cmd = FDOP_OPEN;
musl