diff options
| author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2024-05-06 13:20:56 -0300 |
|---|---|---|
| committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2024-06-25 13:51:16 -0300 |
| commit | 74630b1bb717fb98f4692261f2be8d5c84851fa3 (patch) | |
| tree | 17d802a9463f46ea3c00b44d2c29cc7f2fbd0776 /NEWS | |
| parent | 7f9f25f255ee2c00178779fbce502f4b94b848b9 (diff) | |
| download | glibc-74630b1bb717fb98f4692261f2be8d5c84851fa3.zip glibc-74630b1bb717fb98f4692261f2be8d5c84851fa3.tar.gz glibc-74630b1bb717fb98f4692261f2be8d5c84851fa3.tar.bz2 | |
posix: Fix pidfd_spawn/pidfd_spawnp leak if execve fails (BZ 31695)
If the pidfd_spawn/pidfd_spawnp helper process succeeds, but evecve
fails for some reason (either with an invalid/non-existent, memory
allocation, etc.) the resulting pidfd is never closed, nor returned
to caller (so it can call close).
Since the process creation failed, it should be up to posix_spawn to
also, close the file descriptor in this case (similar to what it
does to reap the process).
This patch also changes the waitpid with waitid (P_PIDFD) for pidfd
case, to avoid a possible pid re-use.
Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit c90cfce849d010474e8cccf3e5bff49a2c8b141f)
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -64,6 +64,7 @@ The following bugs are resolved with this release: strings [31686] dynamic-link: Stack-based buffer overflow in parse_tunables_string + [31695] libc: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds [31719] dynamic-link: --enable-hardcoded-path-in-tests doesn't work with -Wl,--enable-new-dtags [31782] Test build failure with recent GCC trunk |