Merge "even more O_CLOEXECs!"

am: bb5b645454 Change-Id: I8435d69b72dbbbc881bbd43c7a640f3460e5777a
2019-01-25 14:43:37 -08:00
parent 84d59ddcf9 bb5b645454
commit 6130adad16
1 changed files with 4 additions and 4 deletions
--- a/core/jni/com_android_internal_os_Zygote.cpp
+++ b/core/jni/com_android_internal_os_Zygote.cpp
@@ -659,7 +659,7 @@ static bool NeedsNoRandomizeWorkaround() {

 // Utility to close down the Zygote socket file descriptors while
 // the child is still running as root with Zygote's privileges.  Each
-// descriptor (if any) is closed via dup2(), replacing it with a valid
+// descriptor (if any) is closed via dup3(), replacing it with a valid
 // (open) descriptor to /dev/null.

 static void DetachDescriptors(JNIEnv* env,
@@ -667,15 +667,15 @@ static void DetachDescriptors(JNIEnv* env,
                              fail_fn_t fail_fn) {

  if (fds_to_close.size() > 0) {
-    android::base::unique_fd devnull_fd(open("/dev/null", O_RDWR));
+    android::base::unique_fd devnull_fd(open("/dev/null", O_RDWR | O_CLOEXEC));
    if (devnull_fd == -1) {
      fail_fn(std::string("Failed to open /dev/null: ").append(strerror(errno)));
    }

    for (int fd : fds_to_close) {
      ALOGV("Switching descriptor %d to /dev/null", fd);
-      if (dup2(devnull_fd, fd) == -1) {
-        fail_fn(StringPrintf("Failed dup2() on descriptor %d: %s", fd, strerror(errno)));
+      if (dup3(devnull_fd, fd, O_CLOEXEC) == -1) {
+        fail_fn(StringPrintf("Failed dup3() on descriptor %d: %s", fd, strerror(errno)));
      }
    }
  }