This is an automated email from the ASF dual-hosted git repository. gilbert pushed a commit to branch 1.6.x in repository https://gitbox.apache.org/repos/asf/mesos.git
commit b1469bf436a43b08ab034a089672a03afca946d3 Author: Gilbert Song <[email protected]> AuthorDate: Mon Feb 11 12:51:22 2019 -0800 Updated handleWhitelistFds() to avoid closing FDs with FD_CLOEXEC bit. Since this helper is only called right before exec in child process, and for those open FDs that is set with FD_CLOEXEC flag, they will be closed during exec, so that we could skip closing these FDs in the helper. The motivation of this change is to avoid whitelisting those FDs that have to survive until exec while we do not want to expose these FDs to user applications. Review: https://reviews.apache.org/r/69946/ (cherry picked from commit 03e88611c756b63e398386e11e7866e88d018c6d) --- 3rdparty/libprocess/src/subprocess_posix.hpp | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/3rdparty/libprocess/src/subprocess_posix.hpp b/3rdparty/libprocess/src/subprocess_posix.hpp index 719bdf3..02d4a3a 100644 --- a/3rdparty/libprocess/src/subprocess_posix.hpp +++ b/3rdparty/libprocess/src/subprocess_posix.hpp @@ -130,7 +130,18 @@ static void handleWhitelistFds(const std::vector<int_fd>& whitelist_fds) } if (!found) { - ::close(fd); + int flags = ::fcntl(fd, F_GETFD); + if (flags == -1) { + // TODO(gilbert): clean up the use of `os::strerror` during the + // timeframe of fork-exec because it is not signal safe. + ABORT( + "Failed to get file descriptor flags: " + os::strerror(errno)); + } + + // Close the FD which does not have the FD_CLOEXEC bit. + if ((flags & FD_CLOEXEC) == 0){ + ::close(fd); + } } } }
