add CLOEXEC to various DNS related code
Occasionally file descriptors seem to be leaking across execs from DNS related calls. Set close-on-execute for the various sockets / file to prevent file descriptor leakage. Change-Id: I4724b47bc7236f40c29518a6075598a9bba48b0a
This commit is contained in:
parent
ddc449748b
commit
1781ed7774
@ -539,7 +539,7 @@ static FILE* android_open_proxy()
|
||||
const int one = 1;
|
||||
struct sockaddr_un proxy_addr;
|
||||
|
||||
sock = socket(AF_UNIX, SOCK_STREAM, 0);
|
||||
sock = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
|
||||
if (sock < 0) {
|
||||
return NULL;
|
||||
}
|
||||
|
@ -362,7 +362,7 @@ str2number(const char *p)
|
||||
*/
|
||||
static int
|
||||
_test_connect(int pf, struct sockaddr *addr, size_t addrlen, unsigned mark) {
|
||||
int s = socket(pf, SOCK_DGRAM, IPPROTO_UDP);
|
||||
int s = socket(pf, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_UDP);
|
||||
if (s < 0)
|
||||
return 0;
|
||||
if (mark != MARK_UNSET && setsockopt(s, SOL_SOCKET, SO_MARK, &mark, sizeof(mark)) < 0)
|
||||
@ -433,7 +433,7 @@ android_getaddrinfo_proxy(
|
||||
return EAI_NODATA;
|
||||
}
|
||||
|
||||
sock = socket(AF_UNIX, SOCK_STREAM, 0);
|
||||
sock = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0);
|
||||
if (sock < 0) {
|
||||
return EAI_NODATA;
|
||||
}
|
||||
@ -884,7 +884,7 @@ explore_null(const struct addrinfo *pai, const char *servname,
|
||||
* filter out AFs that are not supported by the kernel
|
||||
* XXX errno?
|
||||
*/
|
||||
s = socket(pai->ai_family, SOCK_DGRAM, 0);
|
||||
s = socket(pai->ai_family, SOCK_DGRAM | SOCK_CLOEXEC, 0);
|
||||
if (s < 0) {
|
||||
if (errno != EMFILE)
|
||||
return 0;
|
||||
@ -1792,7 +1792,7 @@ _find_src_addr(const struct sockaddr *addr, struct sockaddr *src_addr, unsigned
|
||||
return 0;
|
||||
}
|
||||
|
||||
sock = socket(addr->sa_family, SOCK_DGRAM, IPPROTO_UDP);
|
||||
sock = socket(addr->sa_family, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_UDP);
|
||||
if (sock == -1) {
|
||||
if (errno == EAFNOSUPPORT) {
|
||||
return 0;
|
||||
|
@ -611,7 +611,7 @@ net_mask(in) /* XXX - should really use system's version of this */
|
||||
static int
|
||||
real_randomid(u_int *random_value) {
|
||||
/* open the nonblocking random device, returning -1 on failure */
|
||||
int random_device = open("/dev/urandom", O_RDONLY);
|
||||
int random_device = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
|
||||
if (random_device < 0) {
|
||||
return -1;
|
||||
}
|
||||
|
@ -779,7 +779,7 @@ send_vc(res_state statp,
|
||||
if (statp->_vcsock >= 0)
|
||||
res_nclose(statp);
|
||||
|
||||
statp->_vcsock = socket(nsap->sa_family, SOCK_STREAM, 0);
|
||||
statp->_vcsock = socket(nsap->sa_family, SOCK_STREAM | SOCK_CLOEXEC, 0);
|
||||
if (statp->_vcsock > highestFD) {
|
||||
res_nclose(statp);
|
||||
errno = ENOTSOCK;
|
||||
@ -1062,7 +1062,7 @@ send_dg(res_state statp,
|
||||
nsap = get_nsaddr(statp, (size_t)ns);
|
||||
nsaplen = get_salen(nsap);
|
||||
if (EXT(statp).nssocks[ns] == -1) {
|
||||
EXT(statp).nssocks[ns] = socket(nsap->sa_family, SOCK_DGRAM, 0);
|
||||
EXT(statp).nssocks[ns] = socket(nsap->sa_family, SOCK_DGRAM | SOCK_CLOEXEC, 0);
|
||||
if (EXT(statp).nssocks[ns] > highestFD) {
|
||||
res_nclose(statp);
|
||||
errno = ENOTSOCK;
|
||||
|
Loading…
Reference in New Issue
Block a user