From 533deafbdf189f5fbb280c28562dd43ace2f4b0f Mon Sep 17 00:00:00 2001
From: Sergey Bugaev <bugaevc@gmail.com>
Date: Wed, 19 Apr 2023 19:02:03 +0300
Subject: Use O_CLOEXEC in more places (BZ #15722)

When opening a temporary file without O_CLOEXEC we risk leaking the
file descriptor if another thread calls (fork and then) exec while we
have the fd open. Fix this by consistently passing O_CLOEXEC everywhere
where we open a file for internal use (and not to return it to the user,
in which case the API defines whether or not the close-on-exec flag
shall be set on the returned fd).

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Message-Id: <20230419160207.65988-4-bugaevc@gmail.com>
---
 elf/dl-profile.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'elf')

diff --git a/elf/dl-profile.c b/elf/dl-profile.c
index 2ecac05..d8345da 100644
--- a/elf/dl-profile.c
+++ b/elf/dl-profile.c
@@ -324,7 +324,8 @@ _dl_start_profile (void)
   *cp++ = '/';
   __stpcpy (__stpcpy (cp, GLRO(dl_profile)), ".profile");
 
-  fd = __open64_nocancel (filename, O_RDWR|O_CREAT|O_NOFOLLOW, DEFFILEMODE);
+  fd = __open64_nocancel (filename, O_RDWR | O_CREAT | O_NOFOLLOW
+			  | O_CLOEXEC, DEFFILEMODE);
   if (fd == -1)
     {
       char buf[400];
-- 
cgit v1.1