From 154d771692a1ca9b9af5eb0acc12885ca852307a Mon Sep 17 00:00:00 2001 From: Chris Rankin Date: Mon, 3 Oct 2011 01:34:37 +0100 Subject: Mark simple file and socket descriptors as uninheritable. This patch creates two utility functions: int open_cloexec(pathname, flags) int create_cloexec(pathname, flags, mode) These return a file descriptor with the CLOEXEC flag set, to ensure that the descriptor is not inherited across a fork/exec operation. The sockets returned by: _x_io_tcp_connect_ipv4() _x_io_tcp_connect() now also have their CLOEXEC flag set. --- src/xine-engine/io_helper.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) (limited to 'src/xine-engine') diff --git a/src/xine-engine/io_helper.c b/src/xine-engine/io_helper.c index d331b675a..871b44517 100644 --- a/src/xine-engine/io_helper.c +++ b/src/xine-engine/io_helper.c @@ -66,6 +66,16 @@ static int _x_io_tcp_connect_ipv4(xine_stream_t *stream, const char *host, int p return -1; } +#ifndef WIN32 + if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); + } +#else + if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); + } +#endif + #ifndef WIN32 if (fcntl (s, F_SETFL, fcntl (s, F_GETFL) | O_NONBLOCK) == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "can't put socket in non-blocking mode", strerror(errno), NULL); @@ -152,6 +162,16 @@ int _x_io_tcp_connect(xine_stream_t *stream, const char *host, int port) { continue; } +#ifndef WIN32 + if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); + } +#else + if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { + xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); + } +#endif + /* * Enable the non-blocking features only when there's no other * address, allowing to use other addresses if available. -- cgit v1.2.3 From a39a950269d165f18448cc7d6da691bf14b9e03b Mon Sep 17 00:00:00 2001 From: Chris Rankin Date: Mon, 3 Oct 2011 12:38:45 +0100 Subject: Prefix open_cloexec() and create_cloexec() with xine_, and add new xine_socket_cloexec() function. --- src/xine-engine/io_helper.c | 24 ++---------------------- 1 file changed, 2 insertions(+), 22 deletions(-) (limited to 'src/xine-engine') diff --git a/src/xine-engine/io_helper.c b/src/xine-engine/io_helper.c index 871b44517..399cb25a4 100644 --- a/src/xine-engine/io_helper.c +++ b/src/xine-engine/io_helper.c @@ -60,22 +60,12 @@ static int _x_io_tcp_connect_ipv4(xine_stream_t *stream, const char *host, int p return -1; } - s = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); + s = xine_socket_cloexec(PF_INET, SOCK_STREAM, IPPROTO_TCP); if (s == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "failed to create socket", strerror(errno), NULL); return -1; } -#ifndef WIN32 - if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); - } -#else - if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); - } -#endif - #ifndef WIN32 if (fcntl (s, F_SETFL, fcntl (s, F_GETFL) | O_NONBLOCK) == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "can't put socket in non-blocking mode", strerror(errno), NULL); @@ -154,7 +144,7 @@ int _x_io_tcp_connect(xine_stream_t *stream, const char *host, int port) { while (tmpaddr) { - s = socket(tmpaddr->ai_family, SOCK_STREAM, IPPROTO_TCP); + s = xine_socket_cloexec(tmpaddr->ai_family, SOCK_STREAM, IPPROTO_TCP); if (s == -1) { _x_message(stream, XINE_MSG_CONNECTION_REFUSED, "failed to create socket", strerror(errno), NULL); @@ -162,16 +152,6 @@ int _x_io_tcp_connect(xine_stream_t *stream, const char *host, int port) { continue; } -#ifndef WIN32 - if (fcntl(s, F_SETFD, FD_CLOEXEC) < 0) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable (%s)\n", strerror(errno)); - } -#else - if (!SetHandleInformation((HANDLE)s, HANDLE_FLAG_INHERIT, 0)) { - xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "Failed to make socket uninheritable\n"); - } -#endif - /* * Enable the non-blocking features only when there's no other * address, allowing to use other addresses if available. -- cgit v1.2.3 From 7a585790118e837ec788ac9b3e4cf6a381c61234 Mon Sep 17 00:00:00 2001 From: Chris Rankin Date: Mon, 3 Oct 2011 21:27:57 +0100 Subject: Set CLOEXEC flag on three more sockets. There are two functions that actually set this flag: int _x_set_file_close_on_exec() int _x_set_socket_close_on_exec() (We need two functions because file descriptors and sockets are not the same under WIN32 - of course). These function belong to libxine's internal API, i.e. they are not available for use by plugins. --- src/xine-engine/broadcaster.c | 5 ++++- src/xine-engine/xine_private.h | 7 +++++++ 2 files changed, 11 insertions(+), 1 deletion(-) (limited to 'src/xine-engine') diff --git a/src/xine-engine/broadcaster.c b/src/xine-engine/broadcaster.c index f5ac0156f..0c2f2d4b2 100644 --- a/src/xine-engine/broadcaster.c +++ b/src/xine-engine/broadcaster.c @@ -64,6 +64,7 @@ #include #include #include +#include "xine_private.h" #define QLEN 5 /* maximum connection queue length */ #define _BUFSIZ 512 @@ -228,6 +229,8 @@ static void *manager_loop (void *this_gen) { ssock = accept(this->msock, &(fsin.sa), &alen); if (ssock >= 0) { + _x_set_socket_close_on_exec(ssock); + /* identification string, helps demuxer probing */ if( sock_string_write(this->stream->xine, ssock,"master xine v1") > 0 ) { int *psock = malloc(sizeof(int)); @@ -308,7 +311,7 @@ broadcaster_t *_x_init_broadcaster(xine_stream_t *stream, int port) } servAddr; int msock, err; - msock = socket(PF_INET, SOCK_STREAM, 0); + msock = xine_socket_cloexec(PF_INET, SOCK_STREAM, 0); if( msock < 0 ) { xprintf(stream->xine, XINE_VERBOSITY_DEBUG, "broadcaster: error opening master socket.\n"); diff --git a/src/xine-engine/xine_private.h b/src/xine-engine/xine_private.h index 6c01d3a2d..a82f6a05f 100644 --- a/src/xine-engine/xine_private.h +++ b/src/xine-engine/xine_private.h @@ -94,4 +94,11 @@ void _x_audio_decoder_shutdown (xine_stream_t *stream) INTERNAL; */ void xine_probe_fast_memcpy(xine_t *xine) INTERNAL; +/** + * @brief Make file descriptors and sockets uninheritable + */ +int _x_set_file_close_on_exec(int fd) INTERNAL; + +int _x_set_socket_close_on_exec(int s) INTERNAL; + #endif -- cgit v1.2.3