+2017-04-19 Florian Weimer <fweimer@redhat.com>
+
+ [BZ #15722]
+ * resolv/res_hconf.c (_res_hconf_reorder_addrs): Create socket
+ with SOCK_CLOEXEC.
+ * resolv/res_send.c (send_vc, reopen): Likewise.
+ * sysdeps/posix/getaddrinfo.c (getaddrinfo): Likewise.
+ * sysdeps/unix/sysv/linux/check_native.c (__check_native):
+ Likewise.
+ * sysdeps/unix/sysv/linux/ifaddrs.c (__netlink_open): Likewise.
+ * inet/rexec.c (rexec_af): Add comment.
+ * inet/rcmd.c (rresvport_af): Likewise.
+
2017-04-19 Florian Weimer <fweimer@redhat.com>
* nscd/connections.c (have_accept4): Removed definition.
__set_errno (EAFNOSUPPORT);
return -1;
}
+ /* NB: No SOCK_CLOXEC for backwards compatibility. */
s = __socket(family, SOCK_STREAM, 0);
if (s < 0)
return -1;
}
ruserpass(res0->ai_canonname, &name, &pass);
retry:
+ /* NB: No SOCK_CLOXEC for backwards compatibility. */
s = __socket(res0->ai_family, res0->ai_socktype, 0);
if (s < 0) {
perror("rexec: socket");
}
/* Create RPC handle */
- sock = socket (AF_INET, SOCK_DGRAM, IPPROTO_UDP);
+ sock = socket (AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_UDP);
clnt = clntudp_create (&saved_sin, NIS_PROG, NIS_VERSION, *timeout, &sock);
if (clnt == NULL)
{
/* Initialize interface table. */
/* The SIOCGIFNETMASK ioctl will only work on an AF_INET socket. */
- sd = __socket (AF_INET, SOCK_DGRAM, 0);
+ sd = __socket (AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, 0);
if (sd < 0)
return;
if (statp->_vcsock >= 0)
__res_iclose(statp, false);
- statp->_vcsock = socket(nsap->sa_family, SOCK_STREAM, 0);
+ statp->_vcsock = socket
+ (nsap->sa_family, SOCK_STREAM | SOCK_CLOEXEC, 0);
if (statp->_vcsock < 0) {
*terrno = errno;
Perror(statp, stderr, "socket(vc)", errno);
/* only try IPv6 if IPv6 NS and if not failed before */
if (nsap->sa_family == AF_INET6 && !statp->ipv6_unavail) {
- EXT(statp).nssocks[ns]
- = socket(PF_INET6, SOCK_DGRAM|SOCK_NONBLOCK, 0);
+ EXT(statp).nssocks[ns] = socket
+ (PF_INET6,
+ SOCK_DGRAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0);
if (EXT(statp).nssocks[ns] < 0)
statp->ipv6_unavail = errno == EAFNOSUPPORT;
slen = sizeof (struct sockaddr_in6);
} else if (nsap->sa_family == AF_INET) {
- EXT(statp).nssocks[ns]
- = socket(PF_INET, SOCK_DGRAM|SOCK_NONBLOCK, 0);
+ EXT(statp).nssocks[ns] = socket
+ (PF_INET,
+ SOCK_DGRAM | SOCK_NONBLOCK | SOCK_CLOEXEC, 0);
slen = sizeof (struct sockaddr_in);
}
if (EXT(statp).nssocks[ns] < 0) {
close_retry:
close_not_cancel_no_status (fd);
af = q->ai_family;
- fd = __socket (af, SOCK_DGRAM, IPPROTO_IP);
+ fd = __socket (af, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_IP);
}
else
{
__check_native (uint32_t a1_index, int *a1_native,
uint32_t a2_index, int *a2_native)
{
- int fd = __socket (PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
+ int fd = __socket (PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE);
struct sockaddr_nl nladdr;
memset (&nladdr, '\0', sizeof (nladdr));
{
struct sockaddr_nl nladdr;
- h->fd = __socket (PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
+ h->fd = __socket (PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_ROUTE);
if (h->fd < 0)
goto out;