From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk1-x732.google.com (mail-qk1-x732.google.com [IPv6:2607:f8b0:4864:20::732]) by sourceware.org (Postfix) with ESMTPS id 7A404398206F for ; Mon, 12 Apr 2021 21:11:26 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 7A404398206F Received: by mail-qk1-x732.google.com with SMTP id o5so15858271qkb.0 for ; Mon, 12 Apr 2021 14:11:26 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=l7QPyDUtKNP+6vKbXjXkZSpRQKxutYSrS7+rqd3l8ow=; b=VZnekSrqx3Yz8d13v3hvn/iRmwCm5/1HpFpTSJadOYq4aL1NlJkq3iUIhkQRNDrKX+ ZI/3z7DF+uBd0urN3ijD87Uux7pOKEz99x5yoOnN7jM6LmwiuD//xyxWIKM5UqH8eNdv a+QgCsn8NZIQNUPLDQqmouBUvpSdYxul4OyNmqJhsQBpEe6BQWZVnoohblGNm9xQ9+ga sr8EhhPC/Fz+6gZEuPLbS1E7L8JdkJtZxi98cKnouObuXL/YR8euKLIv08ymLYAh0/FW cKts6uKbfM8UqGaxSi9LiaGrMap/0eU5FwZFGQLPvWYNgV4tsGKl+RF8u7XlIGjF34XL TbDw== X-Gm-Message-State: AOAM5320plT42bpwePtF9r8ukHrzsyVGvygbAXODec0d0ZULLjNxjquv ShSrokN4j8Paxp8i7mnEE/JT6VLADjVp1vNI X-Google-Smtp-Source: ABdhPJw3LzojSAZJ1NDZ9ExDwRazm16vfIZ7uE1ZYJA9wLJOnoC7kZryuxsEsxqU7e5sOHdrmIWoTg== X-Received: by 2002:a37:6149:: with SMTP id v70mr6877293qkb.303.1618261885912; Mon, 12 Apr 2021 14:11:25 -0700 (PDT) Received: from localhost.localdomain ([177.194.41.149]) by smtp.googlemail.com with ESMTPSA id i22sm3073392qko.135.2021.04.12.14.11.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Apr 2021 14:11:25 -0700 (PDT) From: Adhemerval Zanella To: libc-alpha@sourceware.org Subject: [PATCH 08/11] misc: syslog: Use CLOC_EXEC with _PATH_CONSOLE (BZ #17145) Date: Mon, 12 Apr 2021 18:11:10 -0300 Message-Id: <20210412211113.393120-8-adhemerval.zanella@linaro.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20210412211113.393120-1-adhemerval.zanella@linaro.org> References: <20210412211113.393120-1-adhemerval.zanella@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Apr 2021 21:11:27 -0000 The syslog open the '/dev/console' for LOG_CONS without O_CLOEXEC, which might leak in multithread programs that call fork. Checked on x86_64-linux-gnu. --- misc/syslog.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/misc/syslog.c b/misc/syslog.c index a310eba476..b595889e1c 100644 --- a/misc/syslog.c +++ b/misc/syslog.c @@ -250,7 +250,8 @@ __vsyslog_internal (int pri, const char *fmt, va_list ap, */ int fd; if (LogStat & LOG_CONS && - (fd = __open (_PATH_CONSOLE, O_WRONLY | O_NOCTTY, 0)) >= 0) + (fd = __open (_PATH_CONSOLE, O_WRONLY | O_NOCTTY | O_CLOEXEC, + 0)) >= 0) { __dprintf (fd, "%s\r\n", buf + msgoff); __close (fd); -- 2.27.0