Use POSIX_SPAWN_CLOEXEC_DEFAULT when possible

Use posix_spawn() with POSIX_SPAWN_CLOEXEC_DEFAULT on systems that
define this constant, in order to avoid leaking file descriptors into
subprocesses.

Bug: https://github.com/libarchive/libarchive/issues/2520

diff --git a/libarchive/filter_fork_posix.c b/libarchive/filter_fork_posix.c
index a90ef401473f3ee67a51511535c572b0e91d8e46..0c3d33d8d709ee985449ff9a82774bb0335115a4 100644 (file)
--- a/libarchive/filter_fork_posix.c
+++ b/libarchive/filter_fork_posix.c
@@ -77,11 +77,13 @@ __archive_create_child(const char *cmd, int *child_stdin, int *child_stdout,
        pid_t child = -1;
        int stdin_pipe[2], stdout_pipe[2], tmp;
 
-#if (HAVE_FORK || HAVE_VFORK) && (HAVE_CLOSEFROM || HAVE_CLOSE_RANGE)
+#if !defined(POSIX_SPAWN_CLOEXEC_DEFAULT) && \
+    (HAVE_FORK || HAVE_VFORK) && (HAVE_CLOSEFROM || HAVE_CLOSE_RANGE)
 #undef HAVE_POSIX_SPAWNP
 #endif
 
 #if HAVE_POSIX_SPAWNP
+       posix_spawnattr_t attr;
        posix_spawn_file_actions_t actions;
        int r;
 #endif
@@ -112,11 +114,21 @@ __archive_create_child(const char *cmd, int *child_stdin, int *child_stdout,
 
 #if HAVE_POSIX_SPAWNP
 
-       r = posix_spawn_file_actions_init(&actions);
+       r = posix_spawnattr_init(&attr);
        if (r != 0) {
                errno = r;
                goto stdout_opened;
        }
+       r = posix_spawn_file_actions_init(&actions);
+       if (r != 0) {
+               errno = r;
+               goto attr_inited;
+       }
+#ifdef POSIX_SPAWN_CLOEXEC_DEFAULT
+       r = posix_spawnattr_setflags(&attr, POSIX_SPAWN_CLOEXEC_DEFAULT);
+       if (r != 0)
+               goto actions_inited;
+#endif
        r = posix_spawn_file_actions_addclose(&actions, stdin_pipe[1]);
        if (r != 0)
                goto actions_inited;
@@ -141,11 +153,12 @@ __archive_create_child(const char *cmd, int *child_stdin, int *child_stdout,
                if (r != 0)
                        goto actions_inited;
        }
-       r = posix_spawnp(&child, cmdline->path, &actions, NULL,
+       r = posix_spawnp(&child, cmdline->path, &actions, &attr,
                cmdline->argv, NULL);
        if (r != 0)
                goto actions_inited;
        posix_spawn_file_actions_destroy(&actions);
+       posix_spawnattr_destroy(&attr);
 
 #else /* HAVE_POSIX_SPAWNP */
 
@@ -195,6 +208,8 @@ __archive_create_child(const char *cmd, int *child_stdin, int *child_stdout,
 actions_inited:
        errno = r;
        posix_spawn_file_actions_destroy(&actions);
+attr_inited:
+       posix_spawnattr_destroy(&attr);
 #endif
 stdout_opened:
        close(stdout_pipe[0]);