From 95cfe58e3db9d939abe7a9a26116c1d576eed60b Mon Sep 17 00:00:00 2001 From: wm4 Date: Sat, 30 Nov 2013 22:40:51 +0100 Subject: Use O_CLOEXEC when creating FDs This is needed so that new processes (created with fork+exec) don't inherit open files, which can be important for a number of reasons. Since O_CLOEXEC is relatively new (POSIX.1-2008, before that Linux specific), we #define it to 0 in io.h to prevent compilation errors on older/crappy systems. At least this is the plan. input.c creates a pipe. For that, add a mp_set_cloexec() function (which is based on Weston's code in vo_wayland.c, but more correct). We could use pipe2() instead, but that is Linux specific. Technically, we have a race condition, but it won't matter. --- audio/filter/af_export.c | 4 +++- mpvcore/input/input.c | 17 +++++++++++------ mpvcore/player/command.c | 4 +++- mpvcore/player/configfiles.c | 9 ++++----- osdep/io.c | 18 +++++++++++++++++- osdep/io.h | 11 +++++++++++ stream/ai_oss.c | 4 +++- stream/cookies.c | 2 +- stream/dvb_tune.c | 10 ++++++---- stream/stream_dvb.c | 7 +++++-- stream/stream_dvd_common.c | 4 +++- stream/stream_file.c | 6 +++--- stream/stream_pvr.c | 4 +++- stream/stream_radio.c | 7 +++++-- stream/stream_vcd.c | 4 +++- 15 files changed, 81 insertions(+), 30 deletions(-) diff --git a/audio/filter/af_export.c b/audio/filter/af_export.c index c6f745ed50..e1c5c34e19 100644 --- a/audio/filter/af_export.c +++ b/audio/filter/af_export.c @@ -39,6 +39,8 @@ #include #include +#include "osdep/io.h" + #include "talloc.h" #include "af.h" #include "mpvcore/path.h" @@ -107,7 +109,7 @@ static int control(struct af_instance* af, int cmd, void* arg) } // Init memory mapping - s->fd = open(s->filename, O_RDWR | O_CREAT | O_TRUNC, 0640); + s->fd = open(s->filename, O_RDWR | O_CREAT | O_TRUNC | O_CLOEXEC, 0640); mp_msg(MSGT_AFILTER, MSGL_INFO, "[export] Exporting to file: %s\n", s->filename); if(s->fd < 0) { mp_msg(MSGT_AFILTER, MSGL_FATAL, "[export] Could not open/create file: %s\n", diff --git a/mpvcore/input/input.c b/mpvcore/input/input.c index 3e0313976a..744d474919 100644 --- a/mpvcore/input/input.c +++ b/mpvcore/input/input.c @@ -2309,12 +2309,17 @@ struct input_ctx *mp_input_init(struct mpv_global *global) } #ifndef __MINGW32__ - long ret = pipe(ictx->wakeup_pipe); - for (int i = 0; i < 2 && ret >= 0; i++) { - ret = fcntl(ictx->wakeup_pipe[i], F_GETFL); - if (ret < 0) - break; - ret = fcntl(ictx->wakeup_pipe[i], F_SETFL, ret | O_NONBLOCK); + int ret = pipe(ictx->wakeup_pipe); + if (ret == 0) { + for (int i = 0; i < 2 && ret >= 0; i++) { + mp_set_cloexec(ictx->wakeup_pipe[i]); + ret = fcntl(ictx->wakeup_pipe[i], F_GETFL); + if (ret < 0) + break; + ret = fcntl(ictx->wakeup_pipe[i], F_SETFL, ret | O_NONBLOCK); + if (ret < 0) + break; + } } if (ret < 0) MP_ERR(ictx, "Failed to initialize wakeup pipe: %s\n", strerror(errno)); diff --git a/mpvcore/player/command.c b/mpvcore/player/command.c index d8a317413f..129c0aa58a 100644 --- a/mpvcore/player/command.c +++ b/mpvcore/player/command.c @@ -65,6 +65,8 @@ #include #endif +#include "osdep/io.h" + #include "mp_core.h" #include "mp_lua.h" @@ -2334,7 +2336,7 @@ static int overlay_add(struct MPContext *mpctx, int id, int x, int y, fd = -1; close_fd = false; } else { - fd = open(file, O_RDONLY | O_BINARY); + fd = open(file, O_RDONLY | O_BINARY | O_CLOEXEC); } void *p = mmap(NULL, h * stride, PROT_READ, MAP_SHARED, fd, offset); if (fd >= 0 && close_fd) diff --git a/mpvcore/player/configfiles.c b/mpvcore/player/configfiles.c index 29350c0aed..31e3d0e75d 100644 --- a/mpvcore/player/configfiles.c +++ b/mpvcore/player/configfiles.c @@ -51,7 +51,6 @@ bool mp_parse_cfgfiles(struct MPContext *mpctx) struct MPOpts *opts = mpctx->opts; m_config_t *conf = mpctx->mconfig; char *conffile; - int conffile_fd; if (!opts->load_config) return true; if (!m_config_parse_config_file(conf, MPLAYER_CONFDIR "/mpv.conf", 0) < 0) @@ -60,11 +59,11 @@ bool mp_parse_cfgfiles(struct MPContext *mpctx) if ((conffile = mp_find_user_config_file("config")) == NULL) MP_ERR(mpctx, "mp_find_user_config_file(\"config\") problem\n"); else { - if ((conffile_fd = open(conffile, O_CREAT | O_EXCL | O_WRONLY, - 0666)) != -1) { + int fd = open(conffile, O_CREAT | O_EXCL | O_WRONLY | O_CLOEXEC, 0666); + if (fd != -1) { MP_INFO(mpctx, "Creating config file: %s\n", conffile); - write(conffile_fd, DEF_CONFIG, sizeof(DEF_CONFIG) - 1); - close(conffile_fd); + write(fd, DEF_CONFIG, sizeof(DEF_CONFIG) - 1); + close(fd); } if (m_config_parse_config_file(conf, conffile, 0) < 0) return false; diff --git a/osdep/io.c b/osdep/io.c index 94bd90a676..4ad00d8df3 100644 --- a/osdep/io.c +++ b/osdep/io.c @@ -19,6 +19,23 @@ */ #include "config.h" +#include "osdep/io.h" + +// Set the CLOEXEC flag on the given fd. +// On error, false is returned (and errno set). +bool mp_set_cloexec(int fd) +{ +#if defined(FD_CLOEXEC) && defined(F_SETFD) + if (fd >= 0) { + int flags = fcntl(fd, F_GETFD); + if (flags == -1) + return false; + if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == -1) + return false; + } +#endif + return true; +} #ifdef _WIN32 @@ -27,7 +44,6 @@ #include #include -#include "osdep/io.h" #include "talloc.h" //copied and modified from libav diff --git a/osdep/io.h b/osdep/io.h index d855e852eb..aa20446210 100644 --- a/osdep/io.h +++ b/osdep/io.h @@ -20,7 +20,18 @@ #ifndef MPLAYER_OSDEP_IO #define MPLAYER_OSDEP_IO +#include #include +#include +#include +#include + +// This is in POSIX.1-2008, but support outside of Linux is scarce. +#ifndef O_CLOEXEC +#define O_CLOEXEC 0 +#endif + +bool mp_set_cloexec(int fd); #ifdef _WIN32 #include diff --git a/stream/ai_oss.c b/stream/ai_oss.c index 46e232b264..d222490430 100644 --- a/stream/ai_oss.c +++ b/stream/ai_oss.c @@ -36,6 +36,8 @@ #endif #endif +#include "osdep/io.h" + #include "audio_in.h" #include "mpvcore/mp_msg.h" @@ -85,7 +87,7 @@ int ai_oss_init(audio_in_t *ai) int err; int ioctl_param; - ai->oss.audio_fd = open(ai->oss.device, O_RDONLY); + ai->oss.audio_fd = open(ai->oss.device, O_RDONLY | O_CLOEXEC); if (ai->oss.audio_fd < 0) { mp_tmsg(MSGT_TV, MSGL_ERR, "Unable to open '%s': %s\n", diff --git a/stream/cookies.c b/stream/cookies.c index e0cfca7681..b5815da6e5 100644 --- a/stream/cookies.c +++ b/stream/cookies.c @@ -99,7 +99,7 @@ static char *load_file(const char *filename, int64_t * length) mp_msg(MSGT_NETWORK, MSGL_V, "Loading cookie file: %s\n", filename); - fd = open(filename, O_RDONLY); + fd = open(filename, O_RDONLY | O_CLOEXEC); if (fd < 0) { mp_msg(MSGT_NETWORK, MSGL_V, "Could not open"); goto err_out; diff --git a/stream/dvb_tune.c b/stream/dvb_tune.c index ded2e28681..ddeabd2385 100644 --- a/stream/dvb_tune.c +++ b/stream/dvb_tune.c @@ -34,7 +34,9 @@ #include #include #include + #include "config.h" +#include "osdep/io.h" #include "dvbin.h" #include "dvb_tune.h" #include "mpvcore/mp_msg.h" @@ -88,7 +90,7 @@ int dvb_open_devices(dvb_priv_t *priv, int n, int demux_cnt) sprintf(frontend_dev, "/dev/dvb/adapter%d/frontend0", n); sprintf(dvr_dev, "/dev/dvb/adapter%d/dvr0", n); sprintf(demux_dev, "/dev/dvb/adapter%d/demux0", n); - priv->fe_fd = open(frontend_dev, O_RDWR | O_NONBLOCK); + priv->fe_fd = open(frontend_dev, O_RDWR | O_NONBLOCK | O_CLOEXEC); if(priv->fe_fd < 0) { mp_msg(MSGT_DEMUX, MSGL_ERR, "ERROR OPENING FRONTEND DEVICE %s: ERRNO %d\n", frontend_dev, errno); @@ -98,7 +100,7 @@ int dvb_open_devices(dvb_priv_t *priv, int n, int demux_cnt) mp_msg(MSGT_DEMUX, MSGL_V, "DVB_OPEN_DEVICES(%d)\n", demux_cnt); for(i = 0; i < demux_cnt; i++) { - priv->demux_fds[i] = open(demux_dev, O_RDWR | O_NONBLOCK); + priv->demux_fds[i] = open(demux_dev, O_RDWR | O_NONBLOCK | O_CLOEXEC); if(priv->demux_fds[i] < 0) { mp_msg(MSGT_DEMUX, MSGL_ERR, "ERROR OPENING DEMUX 0: %d\n", errno); @@ -112,7 +114,7 @@ int dvb_open_devices(dvb_priv_t *priv, int n, int demux_cnt) } - priv->dvr_fd = open(dvr_dev, O_RDONLY| O_NONBLOCK); + priv->dvr_fd = open(dvr_dev, O_RDONLY| O_NONBLOCK | O_CLOEXEC); if(priv->dvr_fd < 0) { mp_msg(MSGT_DEMUX, MSGL_ERR, "ERROR OPENING DVR DEVICE %s: %d\n", dvr_dev, errno); @@ -143,7 +145,7 @@ int dvb_fix_demuxes(dvb_priv_t *priv, int cnt) { for(i = priv->demux_fds_cnt; i < cnt; i++) { - priv->demux_fds[i] = open(demux_dev, O_RDWR | O_NONBLOCK); + priv->demux_fds[i] = open(demux_dev, O_RDWR | O_NONBLOCK | O_CLOEXEC); mp_msg(MSGT_DEMUX, MSGL_V, "FIX, OPEN fd(%d): %d\n", i, priv->demux_fds[i]); if(priv->demux_fds[i] < 0) { diff --git a/stream/stream_dvb.c b/stream/stream_dvb.c index b34e80b226..71e9b87199 100644 --- a/stream/stream_dvb.c +++ b/stream/stream_dvb.c @@ -42,10 +42,13 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA #include #include +#include + +#include "osdep/io.h" + #include "stream.h" #include "mpvcore/m_option.h" #include "mpvcore/path.h" -#include "libavutil/avstring.h" #include "dvbin.h" @@ -735,7 +738,7 @@ dvb_config_t *dvb_get_config(void) for(i=0; i #endif +#include "osdep/io.h" + #include "mpvcore/mp_msg.h" #include "stream_dvd_common.h" @@ -104,7 +106,7 @@ void dvd_set_speed(char *device, unsigned speed) AV_WB16(buffer + 18, 1000); AV_WB16(buffer + 26, 1000); - fd = open(device, O_RDWR | O_NONBLOCK); + fd = open(device, O_RDWR | O_NONBLOCK | O_CLOEXEC); if (fd == -1) { mp_tmsg(MSGT_OPEN, MSGL_INFO, "Couldn't open DVD device for writing, changing DVD speed needs write access.\n"); return; diff --git a/stream/stream_file.c b/stream/stream_file.c index b638fdddf0..e72355d387 100644 --- a/stream/stream_file.c +++ b/stream/stream_file.c @@ -101,11 +101,11 @@ static int open_f(stream_t *stream, int mode) }; stream->priv = priv; - mode_t m = 0; + mode_t m = O_CLOEXEC; if (mode == STREAM_READ) - m = O_RDONLY; + m |= O_RDONLY; else if (mode == STREAM_WRITE) - m = O_RDWR | O_CREAT | O_TRUNC; + m |= O_RDWR | O_CREAT | O_TRUNC; else { mp_msg(MSGT_OPEN, MSGL_ERR, "[file] Unknown open mode %d\n", mode); return STREAM_UNSUPPORTED; diff --git a/stream/stream_pvr.c b/stream/stream_pvr.c index 4f121f0853..a89e70b2c6 100644 --- a/stream/stream_pvr.c +++ b/stream/stream_pvr.c @@ -42,6 +42,8 @@ #include #include +#include "osdep/io.h" + #include "mpvcore/mp_msg.h" #include "stream.h" @@ -1579,7 +1581,7 @@ pvr_stream_open (stream_t *stream, int mode) parse_encoder_options (pvr); /* open device */ - pvr->dev_fd = open (pvr->video_dev, O_RDWR); + pvr->dev_fd = open (pvr->video_dev, O_RDWR | O_CLOEXEC); mp_msg (MSGT_OPEN, MSGL_INFO, "%s Using device %s\n", LOG_LEVEL_PVR, pvr->video_dev); if (pvr->dev_fd == -1) diff --git a/stream/stream_radio.c b/stream/stream_radio.c index 6d07d9738f..5de81c4f90 100644 --- a/stream/stream_radio.c +++ b/stream/stream_radio.c @@ -39,11 +39,14 @@ #include #endif +#include + #include "stream.h" #include "mpvcore/m_option.h" #include "mpvcore/mp_msg.h" #include "stream_radio.h" -#include "libavutil/avstring.h" + +#include "osdep/io.h" #if HAVE_RADIO_CAPTURE #include "audio_in.h" @@ -877,7 +880,7 @@ static int open_s(stream_t *stream,int mode) stream->close=close_s; stream->fill_buffer=fill_buffer_s; - priv->radio_fd = open(priv->radio_param->device, O_RDONLY); + priv->radio_fd = open(priv->radio_param->device, O_RDONLY | O_CLOEXEC); if (priv->radio_fd < 0) { mp_tmsg(MSGT_RADIO, MSGL_ERR, "[radio] Unable to open '%s': %s\n", priv->radio_param->device, strerror(errno)); diff --git a/stream/stream_vcd.c b/stream/stream_vcd.c index 4c6dbcc074..0bc7e14f53 100644 --- a/stream/stream_vcd.c +++ b/stream/stream_vcd.c @@ -56,6 +56,8 @@ #define vcd_close(priv) (close(((mp_vcd_priv_t*)priv)->fd)) #endif +#include "osdep/io.h" + static int fill_buffer(stream_t *s, char* buffer, int max_len){ if(s->pos > s->end_pos) /// don't past end of current track return 0; @@ -112,7 +114,7 @@ static int open_s(stream_t *stream,int mode) OPEN_EXISTING, FILE_FLAG_SEQUENTIAL_SCAN, NULL); f = _open_osfhandle((intptr_t)hd, _O_RDONLY); #else - f=open(dev,O_RDONLY); + f=open(dev,O_RDONLY | O_CLOEXEC); #endif if(f<0){ mp_tmsg(MSGT_OPEN,MSGL_ERR,"CD-ROM Device '%s' not found.\n",dev); -- cgit v1.2.3