ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-29 15:43:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Close all open FDs before exec in Unix software update code.

Browse Source
This commit is contained in:
Adam Ierymenko 2017-03-07 09:26:27 -08:00
parent 3859533e73
commit 1d2cb867b2
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
service/SoftwareUpdater.cpp
View File

@ -392,6 +392,9 @@ void SoftwareUpdater::apply()
memset(&si,0,sizeof(si)); memset(&si,0,sizeof(si));
memset(&pi,0,sizeof(pi)); memset(&pi,0,sizeof(pi));
CreateProcessA(NULL,const_cast<LPSTR>(updatePath.c_str()),NULL,NULL,FALSE,CREATE_NO_WINDOW|CREATE_NEW_PROCESS_GROUP,NULL,NULL,&si,&pi); CreateProcessA(NULL,const_cast<LPSTR>(updatePath.c_str()),NULL,NULL,FALSE,CREATE_NO_WINDOW|CREATE_NEW_PROCESS_GROUP,NULL,NULL,&si,&pi);
// Windows doesn't exit here -- updater will stop the service during update, etc. -- but we do want to stop multiple runs from happening
_latestMeta = nlohmann::json();
_latestValid = false;
#else #else
char *argv[256]; char *argv[256];
unsigned long ac = 0; unsigned long ac = 0;
@ -403,7 +406,25 @@ void SoftwareUpdater::apply()
} }
argv[ac] = (char *)0; argv[ac] = (char *)0;
chmod(updatePath.c_str(),0700); chmod(updatePath.c_str(),0700);
// Close all open file descriptors except stdout/stderr/etc.
int minMyFd = STDIN_FILENO;
if (STDOUT_FILENO > minMyFd) minMyFd = STDOUT_FILENO;
if (STDERR_FILENO > minMyFd) minMyFd = STDERR_FILENO;
++minMyFd;
#ifdef _SC_OPEN_MAX
int maxMyFd = (int)sysconf(_SC_OPEN_MAX);
if (maxMyFd <= minMyFd)
maxMyFd = 65536;
#else
int maxMyFd = 65536;
#endif
while (minMyFd < maxMyFd)
close(minMyFd++);
execv(updatePath.c_str(),argv); execv(updatePath.c_str(),argv);
fprintf(stderr,"FATAL: unable to execute software update binary at %s\n",updatePath.c_str());
exit(1);
#endif #endif
} }
} }