author | DJ Delorie <dj@delorie.com> | 2020-12-02 16:14:27 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-02 16:14:27 -0500 |
commit | 5c63b463b87d3c06102a4a7f05f395929d9ea79b (patch) | |
tree | 7359288a2063d05d005658d89df0e8370ede7387 /src | |
parent | cb8474368cdef3207638d047bd6c707ad8fcb339 (diff) | |
download | libffi-5c63b463b87d3c06102a4a7f05f395929d9ea79b.tar.gz |
Use memfd_create() (#604)
memfd_create creates a file in a memory-only filesystem, so it may
bypass the strict security protocols that apply to filesystem-based
temporary files.
Diffstat (limited to 'src')
-rw-r--r-- | src/closures.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/closures.c b/src/closures.c
index 4fe6158..dfc2f68 100644
--- a/src/closures.c
+++ b/src/closures.c
@@ -45,6 +45,9 @@
 #include <stddef.h>
 #include <unistd.h>
+#ifdef HAVE_SYS_MEMFD_H
+#include <sys/memfd.h>
+#endif
 static const size_t overhead =
 (sizeof(max_align_t) > sizeof(void *) + sizeof(size_t)) ?
@@ -544,6 +547,17 @@ static int execfd = -1;
 /* The amount of space already allocated from the temporary file. */
 static size_t execsize = 0;
+#ifdef HAVE_MEMFD_CREATE
+/* Open a temporary file name, and immediately unlink it. */
+static int
+open_temp_exec_file_memfd (const char *name)
+{
+ int fd;
+ fd = memfd_create (name, MFD_CLOEXEC);
+ return fd;
+}
+#endif
+
 /* Open a temporary file name, and immediately unlink it. */
 static int
 open_temp_exec_file_name (char *name, int flags)
@@ -671,6 +685,9 @@ static struct
 const char *arg;
 int repeat;
 } open_temp_exec_file_opts[] = {
+#ifdef HAVE_MEMFD_CREATE
+ { open_temp_exec_file_memfd, "libffi", 0 },
+#endif
 { open_temp_exec_file_env, "TMPDIR", 0 },
 { open_temp_exec_file_dir, "/tmp", 0 },
 { open_temp_exec_file_dir, "/var/tmp", 0 }, |
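Review bot: The comment above `open_temp_exec_file_memfd` was copied from `open_temp_exec_file_name` and does not describe this function: memfd_create() returns an anonymous memory-backed file with no path, so no file name is opened and nothing is unlinked. I would replace it with `/* Create an anonymous, memory-backed file with memfd_create(); NAME is only a debugging label. Returns the descriptor, or -1 with errno set. */`. The same comment is the place to record the trade-off the commit message names, that this descriptor is not subject to the noexec or similar policy applied to the temporary directories, so the choice reads as deliberate to the next maintainer. The local `fd` adds nothing; `return memfd_create (name, MFD_CLOEXEC);` says the same.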
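Review bot: The memfd entry is placed first in `open_temp_exec_file_opts`, ahead of `TMPDIR`, so where HAVE_MEMFD_CREATE is defined and the call succeeds the directory entries after it would presumably never be tried (the loop that walks this table is outside the hunk). The administrator's TMPDIR setting and any noexec mount on /tmp then no longer influence where closure memory comes from, which deserves a comment on the entry, e.g. `/* Tried first: needs no writable, exec-capable directory; mappings show up as memfd:libffi. */`. The label matters to operators as well, since tooling that flags executable memfd-backed mappings will see this name in every process that allocates closures this way and needs to account for it. The initializer starts and ends outside the hunk.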