Commit `acdf988c24`

mlugg <mlugg@mlugg.co.uk>

2024-05-26 02:50:54

std.process.Child: prevent racing children from inheriting progress pipes

This fix is already in master branch for stdin, stdout, and stderr; this commit solves the same problem but for the progress pipe. Both fixes were originally included in one commit on this branch, however it was split it into two so that master branch could receive the fix before the progress branch is merged.

master

1 parent 9331da8

Changed files (1)

lib

std

process

Child.zig

@@ -587,8 +587,8 @@ fn spawnPosix(self: *ChildProcess) SpawnError!void {
         if (self.progress_node.index == .none) {
             break :p .{ -1, -1 };
         } else {
-            // No CLOEXEC because the child needs access to this file descriptor.
-            break :p try posix.pipe2(.{ .NONBLOCK = true });
+            // We use CLOEXEC for the same reason as in `pipe_flags`.
+            break :p try posix.pipe2(.{ .NONBLOCK = true, .CLOEXEC = true });
         }
     };
     errdefer destroyPipe(prog_pipe);
@@ -655,11 +655,6 @@ fn spawnPosix(self: *ChildProcess) SpawnError!void {
         setUpChildIo(self.stderr_behavior, stderr_pipe[1], posix.STDERR_FILENO, dev_null_fd) catch |err| forkChildErrReport(err_pipe[1], err);
         if (prog_pipe[1] != -1) posix.dup2(prog_pipe[1], prog_fileno) catch |err| forkChildErrReport(err_pipe[1], err);
 
-        if (prog_pipe[1] != -1) {
-            if (prog_pipe[0] != prog_fileno) posix.close(prog_pipe[0]);
-            if (prog_pipe[1] != prog_fileno) posix.close(prog_pipe[1]);
-        }
-
         if (self.cwd_dir) |cwd| {
             posix.fchdir(cwd.fd) catch |err| forkChildErrReport(err_pipe[1], err);
         } else if (self.cwd) |cwd| {

Commit acdf988c24

Commit `acdf988c24`