public inbox for glibc-bugs@sourceware.org help / color / mirror / Atom feed
From: "thiago at kde dot org" <sourceware-bugzilla@sourceware.org> To: glibc-bugs@sourceware.org Subject: [Bug libc/15722] New: Verify that all internal sockets opened with SOCK_CLOEXEC Date: Tue, 09 Jul 2013 03:08:00 -0000 [thread overview] Message-ID: <bug-15722-131@http.sourceware.org/bugzilla/> (raw) http://sourceware.org/bugzilla/show_bug.cgi?id=15722 Bug ID: 15722 Summary: Verify that all internal sockets opened with SOCK_CLOEXEC Product: glibc Version: unspecified Status: NEW Severity: normal Priority: P2 Component: libc Assignee: unassigned at sourceware dot org Reporter: thiago at kde dot org CC: drepper.fsp at gmail dot com As the Summary says. glibc has many internal sockets that it opens for internal operations and doesn't use SOCK_CLOEXEC on. Some of those sockets are used only for a short time (for ioctl or netlink), but some may be for a long time. Anyway, however short the time it stays open, there's still a chance that it may leak by another thread doing a simultaneous fork(). I've found socket openings without SOCK_CLOEXEC in: * __opensock (socket/opensock.c), though the override in sysdeps/unix/sysv/linux/opensock.c uses SOCK_CLOEXEC * getifaddrs (sysdeps/gnu/ifaddrs.c and sysdeps/unix/sysv/linux/ifaddrs.c) * getaddrinfo (sysdeps/posix/getaddrinfo.c) * __check_native (sysdeps/unix/sysv/linux/check_native.c) * __check_pf (sysdeps/unix/sysv/linux/check_pf.c) * multiple in resolv/res_send.c There could be more. Maybe it would be useful to have an internal function that opens always a socket with O_CLOEXEC semantics. -- You are receiving this mail because: You are on the CC list for the bug.
next reply other threads:[~2013-07-09 3:08 UTC|newest] Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top 2013-07-09 3:08 thiago at kde dot org [this message] 2013-10-14 13:48 ` [Bug libc/15722] " neleai at seznam dot cz 2013-10-14 14:51 ` thiago at kde dot org 2013-10-20 8:29 ` neleai at seznam dot cz 2014-06-13 13:25 ` fweimer at redhat dot com 2014-06-16 11:13 ` fweimer at redhat dot com 2015-01-02 18:32 ` thiago at kde dot org 2015-08-27 22:16 ` [Bug network/15722] " jsm28 at gcc dot gnu.org 2020-09-09 20:31 ` fweimer at redhat dot com
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-15722-131@http.sourceware.org/bugzilla/ \ --to=sourceware-bugzilla@sourceware.org \ --cc=glibc-bugs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).