From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <glibc-bugs-return-19092-listarch-glibc-bugs=sources.redhat.com@sourceware.org>
Received: (qmail 15500 invoked by alias); 9 Jul 2013 03:08:44 -0000
Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs@sourceware.org>
List-Help: <mailto:glibc-bugs-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-owner@sourceware.org
Received: (qmail 14761 invoked by uid 48); 9 Jul 2013 03:08:37 -0000
From: "thiago at kde dot org" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/15722] New: Verify that all internal sockets opened with SOCK_CLOEXEC
Date: Tue, 09 Jul 2013 03:08:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: libc
X-Bugzilla-Version: unspecified
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: thiago at kde dot org
X-Bugzilla-Status: NEW
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields: bug_id short_desc product version bug_status bug_severity priority component assigned_to reporter cc
Message-ID: <bug-15722-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2013-07/txt/msg00033.txt.bz2

http://sourceware.org/bugzilla/show_bug.cgi?id=15722

            Bug ID: 15722
           Summary: Verify that all internal sockets opened with
                    SOCK_CLOEXEC
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: thiago at kde dot org
                CC: drepper.fsp at gmail dot com

As the Summary says.

glibc has many internal sockets that it opens for internal operations and
doesn't use SOCK_CLOEXEC on. Some of those sockets are used only for a short
time (for ioctl or netlink), but some may be for a long time. Anyway, however
short the time it stays open, there's still a chance that it may leak by
another thread doing a simultaneous fork().

I've found socket openings without SOCK_CLOEXEC in:

 * __opensock (socket/opensock.c), though the override in
sysdeps/unix/sysv/linux/opensock.c uses SOCK_CLOEXEC
 * getifaddrs (sysdeps/gnu/ifaddrs.c and sysdeps/unix/sysv/linux/ifaddrs.c)
 * getaddrinfo (sysdeps/posix/getaddrinfo.c)
 * __check_native (sysdeps/unix/sysv/linux/check_native.c)
 * __check_pf (sysdeps/unix/sysv/linux/check_pf.c)
 * multiple in resolv/res_send.c

There could be more.

Maybe it would be useful to have an internal function that opens always a
socket with O_CLOEXEC semantics.

-- 
You are receiving this mail because:
You are on the CC list for the bug.