Prevent unintended file desriptor leak in grantpt.

The pt_chown program is completely transparently called. It might not be able to live with the various file descriptors the program has open at the time of the call (e.g., under SELinux). Close all but the needed descriptor and connect stdin, stdout, and stderr with /dev/null. pt_chown shouldn't print anything when called to do real work.
2025-07-30 22:43:12 +03:00 · 2009-11-24 18:24:14 -08:00
parent fa214705b9
commit 139ee080b6
4 changed files with 54 additions and 3 deletions
--- a/sysdeps/unix/sysv/linux/grantpt.c
+++ b/sysdeps/unix/sysv/linux/grantpt.c
@ -0,0 +1,42 @@
+#include <assert.h>
+#include <ctype.h>
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <paths.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#include "not-cancel.h"
+#include "pty-private.h"
+
+
+/* Close all file descriptors except the one specified.  */
+static void
+close_all_fds (void)
+{
+  DIR *dir = opendir ("/proc/self/fd");
+  if (dir != NULL)
+    {
+      struct dirent64 *d;
+      while ((d = readdir64 (dir)) != NULL)
+	if (isdigit (d->d_name[0]))
+	  {
+	    char *endp;
+	    long int fd = strtol (d->d_name, &endp, 10);
+	    if (*endp == '\0' && fd != PTY_FILENO && fd != dirfd (dir))
+	      close_not_cancel_no_status (fd);
+	  }
+
+      closedir (dir);
+
+      int nullfd = open_not_cancel_2 (_PATH_DEVNULL, O_RDONLY);
+      assert (nullfd == STDIN_FILENO);
+      nullfd = open_not_cancel_2 (_PATH_DEVNULL, O_WRONLY);
+      assert (nullfd == STDOUT_FILENO);
+      __dup2 (STDOUT_FILENO, STDERR_FILENO);
+    }
+}
+#define CLOSE_ALL_FDS() close_all_fds()
+
+#include <sysdeps/unix/grantpt.c>