Don't leak descriptors to sendmail

diff --git a/acquire.c b/acquire.c
index ad2047d8f09687fc8a8df29263801011b1cf53d9..7c893a9755ad36057fca4167c58020f0d72c936a 100644 (file)
--- a/acquire.c
+++ b/acquire.c
@@ -168,6 +168,9 @@ prepare_socket(int family)
     LOG_FATAL(LOGF_Acquire, "Could not open socket : %s", strerror(errno));
   }
 
+  /* Close on exec */
+  UTI_FdSetCloexec(sock_fd);
+
   if (port_number == 0) {
     /* Don't bother binding this socket - we're not fussed what port
        number it gets */

diff --git a/cmdmon.c b/cmdmon.c
index c8fc5b08adf20b57edb7bb432c925e3d2a2f86d2..38aec8dab85e622dd9c0d7344950c2e8b7fe30f8 100644 (file)
--- a/cmdmon.c
+++ b/cmdmon.c
@@ -199,6 +199,9 @@ prepare_socket(int family)
     return -1;
   }
 
+  /* Close on exec */
+  UTI_FdSetCloexec(sock_fd);
+
   /* Allow reuse of port number */
   if (setsockopt(sock_fd, SOL_SOCKET, SO_REUSEADDR, (char *) &on_off, sizeof(on_off)) < 0) {
     LOG(LOGS_ERR, LOGF_CmdMon, "Could not set reuseaddr socket options");

diff --git a/logging.c b/logging.c
index 591b552554ae03d2b96324fb91f4f9cc15914b94..687614cbc46ca0329c487ce646fb56c28e1b3e74 100644 (file)
--- a/logging.c
+++ b/logging.c
@@ -35,6 +35,7 @@
 #include "logging.h"
 #include "version.h"
 #include "mkdirpp.h"
+#include "util.h"
 
 /* ================================================== */
 /* Flag indicating we have initialised */
@@ -248,6 +249,9 @@ LOG_FileWrite(LOG_FileID id, const char *format, ...)
       logfiles[id].name = NULL;
       return;
     }
+
+    /* Close on exec */
+    UTI_FdSetCloexec(fileno(logfiles[id].file));
   }
 
   banner = CNF_GetLogBanner();

diff --git a/ntp_io.c b/ntp_io.c
index 3fbc642d3a10f707022b3e3cb3d8899d663fd1e0..cd8c5875f7d662e694414b4e9edd52a98173cfc9 100644 (file)
--- a/ntp_io.c
+++ b/ntp_io.c
@@ -121,6 +121,9 @@ prepare_socket(int family)
     return -1;
   }
 
+  /* Close on exec */
+  UTI_FdSetCloexec(sock_fd);
+
   /* Make the socket capable of re-using an old address */
   if (setsockopt(sock_fd, SOL_SOCKET, SO_REUSEADDR, (char *)&on_off, sizeof(on_off)) < 0) {
     LOG(LOGS_ERR, LOGF_NtpIO, "Could not set reuseaddr socket options");

diff --git a/refclock_pps.c b/refclock_pps.c
index 68d5e6ae246ae5a0a9fdc31f91a3fae7926c5262..0a28b06bce94183cbafefa7a8363161150629503 100644 (file)
--- a/refclock_pps.c
+++ b/refclock_pps.c
@@ -57,6 +57,8 @@ static int pps_initialise(RCL_Instance instance) {
     return 0;
   }
 
+  UTI_FdSetCloexec(fd);
+
   if (time_pps_create(fd, &handle) < 0) {
     LOG_FATAL(LOGF_Refclock, "time_pps_create() failed on %s", path);
     return 0;
@@ -93,6 +95,7 @@ static int pps_initialise(RCL_Instance instance) {
     return 0;
   }
 
+
   pps = MallocNew(struct pps_instance);
   pps->handle = handle;
   pps->last_seq = 0;

diff --git a/refclock_sock.c b/refclock_sock.c
index 410c1bf5439533aa57b1cf285748b75907cc6954..b4140dcc8da9cb80e1e752b36b1dbf9d9696bdde 100644 (file)
--- a/refclock_sock.c
+++ b/refclock_sock.c
@@ -105,6 +105,8 @@ static int sock_initialise(RCL_Instance instance)
     return 0;
   }
 
+  UTI_FdSetCloexec(sockfd);
+
   unlink(path);
   if (bind(sockfd, (struct sockaddr *)&s, sizeof (s)) < 0) {
     LOG_FATAL(LOGF_Refclock, "bind() failed");

diff --git a/rtc_linux.c b/rtc_linux.c
index a88c331ccea66d0cd1b1b801dd5b2a01c5a764b8..b8c51d328e08b82ec428f7570b6106a65ab2c3d8 100644 (file)
--- a/rtc_linux.c
+++ b/rtc_linux.c
@@ -591,6 +591,9 @@ RTC_Linux_Initialise(void)
     return 0;
   }
 
+  /* Close on exec */
+  UTI_FdSetCloexec(fd);
+
   n_samples = 0;
   n_samples_since_regression = 0;
   n_runs = 0;

diff --git a/util.c b/util.c
index aec5fd0ca5603e0afeb14ced2761eec3c66bce38..395f06b563a573070a92302e0cf15ce4180d7495 100644 (file)
--- a/util.c
+++ b/util.c
@@ -600,3 +600,17 @@ UTI_FloatHostToNetwork(double x)
 }
 
 /* ================================================== */
+
+void
+UTI_FdSetCloexec(int fd)
+{
+  int flags;
+
+  flags = fcntl(fd, F_GETFD);
+  if (flags != -1) {
+    flags |= FD_CLOEXEC;
+    fcntl(fd, F_SETFD, flags);
+  }
+}
+
+/* ================================================== */

diff --git a/util.h b/util.h
index 8ee9d6ed4cbe4a106131050ca13102a2526cfb9f..ba34b3f5cc15b226f19f8011157ad8e6f50c4916 100644 (file)
--- a/util.h
+++ b/util.h
@@ -102,6 +102,9 @@ extern void UTI_TimevalHostToNetwork(struct timeval *src, Timeval *dest);
 extern double UTI_FloatNetworkToHost(Float x);
 extern Float UTI_FloatHostToNetwork(double x);
 
+/* Set FD_CLOEXEC on descriptor */
+extern void UTI_FdSetCloexec(int fd);
+
 #if defined (INLINE_UTILITIES)
 #define INLINE_STATIC inline static
 #include "util.c"