From 62a669d9f04e83debe729347617a935707badc7e Mon Sep 17 00:00:00 2001 From: Chris Rankin Date: Sat, 1 Oct 2011 14:14:27 +0100 Subject: Mark simple file and socket descriptors as uninheritable. This patch creates two utility functions: int open_cloexec(pathname, flags) int create_cloexec(pathname, flags, mode) These return a file descriptor with the CLOEXEC flag set, to ensure that the descriptor is not inherited across a fork/exec operation. The sockets returned by: _x_io_tcp_connect_ipv4() _x_io_tcp_connect() now also have their CLOEXEC flag set. --- src/xine-engine/io_helper.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'src/xine-engine') diff --git a/src/xine-engine/io_helper.c b/src/xine-engine/io_helper.c index b06c47709..5bcd95c63 100644 --- a/src/xine-engine/io_helper.c +++ b/src/xine-engine/io_helper.c @@ -66,6 +66,16 @@ static int _x_io_tcp_connect_ipv4(xine_stream_t *stream, const char *host, int p return -1; } +#ifndef WIN32 + if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); + } +#else + if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); + } +#endif + #ifndef WIN32 if (fcntl (s, F_SETFL, fcntl (s, F_GETFL) | O_NONBLOCK) == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "can't put socket in non-blocking mode", strerror(errno), NULL); @@ -152,6 +162,16 @@ int _x_io_tcp_connect(xine_stream_t *stream, const char *host, int port) { continue; } +#ifndef WIN32 + if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); + } +#else + if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); + } +#endif + /* * Enable the non-blocking features only when there's no other * address, allowing to use other addresses if available. -- cgit v1.2.3 From 5db268a002e7a102855e84a3ff5e1c27ca7cb927 Mon Sep 17 00:00:00 2001 From: Chris Rankin Date: Mon, 3 Oct 2011 12:11:56 +0100 Subject: Prefix open_cloexec() and create_cloexec() with xine_, and add new xine_socket_cloexec() function. --- src/xine-engine/io_helper.c | 24 ++---------------------- 1 file changed, 2 insertions(+), 22 deletions(-) (limited to 'src/xine-engine') diff --git a/src/xine-engine/io_helper.c b/src/xine-engine/io_helper.c index 5bcd95c63..22f34ffc2 100644 --- a/src/xine-engine/io_helper.c +++ b/src/xine-engine/io_helper.c @@ -60,22 +60,12 @@ static int _x_io_tcp_connect_ipv4(xine_stream_t *stream, const char *host, int p return -1; } - s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); + s = xine_socket_cloexec(PF_INET, SOCK_STREAM, IPPROTO_TCP); if (s == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "failed to create socket", strerror(errno), NULL); return -1; } -#ifndef WIN32 - if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); - } -#else - if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); - } -#endif - #ifndef WIN32 if (fcntl (s, F_SETFL, fcntl (s, F_GETFL) | O_NONBLOCK) == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "can't put socket in non-blocking mode", strerror(errno), NULL); @@ -154,7 +144,7 @@ int _x_io_tcp_connect(xine_stream_t *stream, const char *host, int port) { while (tmpaddr) { - s = socket(tmpaddr->ai_family, SOCK_STREAM, IPPROTO_TCP); + s = xine_socket_cloexec(tmpaddr->ai_family, SOCK_STREAM, IPPROTO_TCP); if (s == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "failed to create socket", strerror(errno), NULL); @@ -162,16 +152,6 @@ int _x_io_tcp_connect(xine_stream_t *stream, const char *host, int port) { continue; } -#ifndef WIN32 - if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); - } -#else - if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); - } -#endif - /* * Enable the non-blocking features only when there's no other * address, allowing to use other addresses if available. -- cgit v1.2.3 From fa660f82ae5889b931c645133abb151f26fba343 Mon Sep 17 00:00:00 2001 From: Chris Rankin Date: Mon, 3 Oct 2011 21:07:39 +0100 Subject: Set CLOEXEC flag on three more sockets. There are two functions that actually set this flag: int _x_set_file_close_on_exec() int _x_set_socket_close_on_exec() (We need two functions because file descriptors and sockets are not the same under WIN32 - of course). These function have been assigned "internal" visibility so that they can be used throughout libxine.so itself while still not being exported to the global symbol table. In other words, they're both as close to being "static" as I can make them. --- src/xine-engine/Makefile.am | 2 +- src/xine-engine/broadcaster.c | 4 +++- src/xine-engine/xine_internal.h | 1 + src/xine-engine/xine_private.h | 39 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 44 insertions(+), 2 deletions(-) create mode 100644 src/xine-engine/xine_private.h (limited to 'src/xine-engine') diff --git a/src/xine-engine/Makefile.am b/src/xine-engine/Makefile.am index 576c61b14..67ae63fae 100644 --- a/src/xine-engine/Makefile.am +++ b/src/xine-engine/Makefile.am @@ -41,7 +41,7 @@ xineinclude_HEADERS = buffer.h metronom.h configfile.h vo_scale.h \ plugin_catalog.h audio_decoder.h video_decoder.h post.h \ io_helper.h broadcaster.h info_helper.h refcounter.h alphablend.h -noinst_HEADERS = bswap.h ffmpeg_bswap.h +noinst_HEADERS = bswap.h ffmpeg_bswap.h xine_private.h if WIN32 install-exec-local: diff --git a/src/xine-engine/broadcaster.c b/src/xine-engine/broadcaster.c index a554337a3..3f943171f 100644 --- a/src/xine-engine/broadcaster.c +++ b/src/xine-engine/broadcaster.c @@ -227,6 +227,8 @@ static void *manager_loop (void *this_gen) { ssock = accept(this->msock, &(fsin.sa), &alen); if (ssock >= 0) { + _x_set_socket_close_on_exec(ssock); + /* identification string, helps demuxer probing */ if( sock_string_write(this->stream->xine, ssock,"master xine v1") > 0 ) { int *psock = malloc(sizeof(int)); @@ -307,7 +309,7 @@ broadcaster_t *_x_init_broadcaster(xine_stream_t *stream, int port) } servAddr; int msock, err; - msock = socket(PF_INET, SOCK_STREAM, 0); + msock = xine_socket_cloexec(PF_INET, SOCK_STREAM, 0); if( msock < 0 ) { xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "broadcaster: error opening master socket.\n"); diff --git a/src/xine-engine/xine_internal.h b/src/xine-engine/xine_internal.h index 7566c83e0..bb2113831 100644 --- a/src/xine-engine/xine_internal.h +++ b/src/xine-engine/xine_internal.h @@ -48,6 +48,7 @@ extern "C" { # include "io_helper.h" # include "info_helper.h" # include "alphablend.h" +# include "xine_private.h" #else # include # include diff --git a/src/xine-engine/xine_private.h b/src/xine-engine/xine_private.h new file mode 100644 index 000000000..1f3564cbc --- /dev/null +++ b/src/xine-engine/xine_private.h @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2000-2011 the xine project + * + * This file is part of xine, a free video player. + * + * xine is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * xine is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA + */ + +#ifndef HAVE_XINE_PRIVATE_H +#define HAVE_XINE_PRIVATE_H + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * make file descriptors and sockets uninheritable + */ +int _x_set_file_close_on_exec(int fd) XINE_INTERNAL; + +int _x_set_socket_close_on_exec(int s) XINE_INTERNAL; + +#ifdef __cplusplus +} +#endif + +#endif -- cgit v1.2.3