Re: [Libvir] [patch 7/9] Fix our FD_CLOEXEC usage
Mark McLoughlin <markmc(a)redhat.com> wrote:
Implement a sane policy around our use of FD_CLOEXEC:
1) Every descriptor which shouldn't be passed to
child processes should have the flag set
2) Let exec() do the descriptor closing, rather
than us doing it ourselves
...
- for (i = 0; i < open_max; i++) {
- if (i != STDOUT_FILENO &&
- i != STDERR_FILENO &&
- i != STDIN_FILENO)
- close(i);
- else if (errors == NO_ERRORS)
- dup2(null, i);
+ if (errors == NO_ERRORS) {
+ dup2(null, STDIN_FILENO);
+ dup2(null, STDOUT_FILENO);
+ dup2(null, STDERR_FILENO);
+ close(null);
}
True, dup2 failure wasn't checked before either,
but it *can* fail. Best to diagnose it, just in case.