From b8b64efebea37adfd49be3ce8074b2deec879551 Mon Sep 17 00:00:00 2001 From: Stefan Seyfried Date: Sun, 4 Dec 2011 16:24:57 +0100 Subject: [PATCH] add a 'safe_system' function which avoids leaking FDs Origin commit data ------------------ Branch: ni/coolstream Commit: https://github.com/neutrino-images/ni-neutrino/commit/60454a643c28c22cfa46f6e91d169caf1770d837 Author: Stefan Seyfried Date: 2011-12-04 (Sun, 04 Dec 2011) ------------------ No further description and justification available within origin commit message! ------------------ This commit was generated by Migit --- src/system/Makefile.am | 1 + src/system/safe_system.c | 26 ++++++++++++++++++++++++++ src/system/safe_system.h | 11 +++++++++++ 3 files changed, 38 insertions(+) create mode 100644 src/system/safe_system.c create mode 100644 src/system/safe_system.h diff --git a/src/system/Makefile.am b/src/system/Makefile.am index 4899bec4f..1675a6cac 100644 --- a/src/system/Makefile.am +++ b/src/system/Makefile.am @@ -22,6 +22,7 @@ endif noinst_LIBRARIES = libneutrino_system.a libneutrino_system_a_SOURCES = \ + safe_system.c \ localize.cpp setting_helpers.cpp debug.cpp \ ping.c flashtool.cpp httptool.cpp \ settings.cpp lastchannel.cpp \ diff --git a/src/system/safe_system.c b/src/system/safe_system.c new file mode 100644 index 000000000..3e92028b7 --- /dev/null +++ b/src/system/safe_system.c @@ -0,0 +1,26 @@ +/* + * (C) 2011 Stefan Seyfried + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ +#include +#include +int safe_system(const char *command) +{ + int fd; + /* hm, what if we have more than 256 FDs open? */ + for (fd = 3; fd < 256; fd++) + fcntl(fd, F_SETFD, FD_CLOEXEC); + return system(command); +} diff --git a/src/system/safe_system.h b/src/system/safe_system.h new file mode 100644 index 000000000..2f56e0dd7 --- /dev/null +++ b/src/system/safe_system.h @@ -0,0 +1,11 @@ +#ifndef _SAFE_SYSTEM_H_ +#define _SAFE_SYSTEM_H_ +#ifdef __cplusplus +extern "C" +{ +#endif +extern int safe_system(const char *); +#ifdef __cplusplus +} +#endif +#endif