This is an automated email from the ASF dual-hosted git repository.
xiaoxiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nuttx-apps.git
The following commit(s) were added to refs/heads/master by this push:
new bae15dfd5 nshlib: enable O_CLOEXEC explicit to avoid potential fd leak
bae15dfd5 is described below
commit bae15dfd585082b25efbdf892e487570ab339344
Author: wanggang26 <[email protected]>
AuthorDate: Wed Oct 25 20:44:15 2023 +0800
nshlib: enable O_CLOEXEC explicit to avoid potential fd leak
leaking here means fork/vfork will duplicate fd without O_CLOEXEC flag
to the child process.
Signed-off-by: wanggang26 <[email protected]>
---
nshlib/nsh_script.c | 2 +-
nshlib/nsh_syscmds.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/nshlib/nsh_script.c b/nshlib/nsh_script.c
index 9cf19fd25..b9a210dff 100644
--- a/nshlib/nsh_script.c
+++ b/nshlib/nsh_script.c
@@ -119,7 +119,7 @@ int nsh_script(FAR struct nsh_vtbl_s *vtbl, FAR const FAR
char *cmd,
/* Open the file containing the script */
- vtbl->np.np_fd = open(fullpath, O_RDOK);
+ vtbl->np.np_fd = open(fullpath, O_RDOK | O_CLOEXEC);
if (vtbl->np.np_fd < 0)
{
if (log)
diff --git a/nshlib/nsh_syscmds.c b/nshlib/nsh_syscmds.c
index f635a4064..ac14c79ce 100644
--- a/nshlib/nsh_syscmds.c
+++ b/nshlib/nsh_syscmds.c
@@ -598,7 +598,7 @@ static int cmd_rpmsg_once(FAR struct nsh_vtbl_s *vtbl,
return ERROR;
}
- fd = open(path, 0);
+ fd = open(path, O_CLOEXEC);
if (fd < 0)
{
nsh_output(vtbl, g_fmtarginvalid, path);
