open files with O_CLOEXEC when possible

This helps prevent leaked file descriptors when the library is used in a process which exec's. opendir() already uses O_CLOEXEC on platforms that support O_CLOEXEC so we don't need to make changes there. In addition read config files using p11_mmap_open() so that we get the simple benefits of O_CLOEXEC with the open() call there. https://bugzilla.redhat.com/show_bug.cgi?id=984986
author: Stef Walter <stef@thewalter.net> 2013-07-16 22:43:37 +0200
committer: Stef Walter <stef@thewalter.net> 2013-07-18 09:25:44 +0200
commit: 7dbd451b075e007abd1d398ccfdcf3f91e2658cf (patch)
tree: 1a46f82363ecd7fc598a78756adb8e8f1ee98337
parent: 9d96f891fdf6267b72fbc60acc862dfd6d410a26 (diff)
download: p11-kit-7dbd451b075e007abd1d398ccfdcf3f91e2658cf.tar.gz
4 files changed, 46 insertions, 79 deletions
diff --git a/common/compat.c b/common/compat.c
index 4d8d73c..589a8a4 100644
--- a/common/compat.c
+++ b/common/compat.c
@@ -192,7 +192,7 @@ p11_mmap_open (const char *path,
 	if (map == NULL)
 		return NULL;
 
-	map->fd = open (path, O_RDONLY);
+	map->fd = open (path, O_RDONLY | O_CLOEXEC);
 	if (map->fd == -1) {
 		free (map);
 		return NULL;
@@ -292,14 +292,20 @@ p11_mmap_open (const char *path,
 	p11_mmap *map;
 
 	map = calloc (1, sizeof (p11_mmap));
-	if (map == NULL)
+	if (map == NULL) {
+		errno = ENOMEM;
 		return NULL;
+	}
 
 	map->file  = CreateFile (path, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_FLAG_RANDOM_ACCESS, NULL);
 	if (map->file == INVALID_HANDLE_VALUE) {
 		errn = GetLastError ();
 		free (map);
 		SetLastError (errn);
+		if (errn == ERROR_PATH_NOT_FOUND || errn == ERROR_FILE_NOT_FOUND)
+			errno = ENOENT;
+		else if (errn == ERROR_ACCESS_DENIED)
+			errno = EPERM;
 		return NULL;
 	}
 
@@ -308,6 +314,8 @@ p11_mmap_open (const char *path,
 		CloseHandle (map->file);
 		free (map);
 		SetLastError (errn);
+		if (errn == ERROR_ACCESS_DENIED)
+			errno = EPERM;
 		return NULL;
 	}
 
@@ -317,6 +325,8 @@ p11_mmap_open (const char *path,
 		CloseHandle (map->file);
 		free (map);
 		SetLastError (errn);
+		if (errn == ERROR_ACCESS_DENIED)
+			errno = EPERM;
 		return NULL;
 	}
 
@@ -328,6 +338,8 @@ p11_mmap_open (const char *path,
 		CloseHandle (map->file);
 		free (map);
 		SetLastError (errn);
+		if (errn == ERROR_ACCESS_DENIED)
+			errno = EPERM;
 		return NULL;
 	}
 
@@ -670,7 +682,7 @@ _gettemp (char *path,
 
 	for (;;) {
 		if (doopen) {
-			if ((*doopen = open (path, O_BINARY | O_CREAT | O_EXCL | O_RDWR, 0600)) >= 0)
+			if ((*doopen = open (path, O_BINARY | O_CREAT | O_EXCL | O_RDWR | O_CLOEXEC, 0600)) >= 0)
 				return (1);
 			if (errno != EEXIST)
 				return (0);
diff --git a/common/compat.h b/common/compat.h
index 7435e07..ab647b8 100644
--- a/common/compat.h
+++ b/common/compat.h
@@ -68,6 +68,10 @@
 #define O_BINARY 0
 #endif
 
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 0
+#endif
+
 #ifndef HAVE_GETPROGNAME
 const char * getprogname (void);
 #endif
diff --git a/p11-kit/conf.c b/p11-kit/conf.c
index a2b46c4..7f3bc68 100644
--- a/p11-kit/conf.c
+++ b/p11-kit/conf.c
@@ -67,76 +67,6 @@ strequal (const char *one, const char *two)
  * CONFIG PARSER
  */
 
-static char *
-read_config_file (const char* filename,
-                  int flags,
-                  size_t *length)
-{
-	char* config = NULL;
-	FILE* f = NULL;
-	int error = 0;
-	long len;
-
-	assert (filename);
-
-	f = fopen (filename, "rb");
-	if (f == NULL) {
-		error = errno;
-		if ((flags & CONF_IGNORE_MISSING) &&
-		    (error == ENOENT || error == ENOTDIR)) {
-			p11_debug ("config file does not exist");
-			config = strdup ("\n");
-			*length = 0;
-			return_val_if_fail (config != NULL, NULL);
-			return config;
-
-		} else if ((flags & CONF_IGNORE_ACCESS_DENIED) &&
-		           (error == EPERM || error == EACCES)) {
-			p11_debug ("config file is inaccessible");
-			config = strdup ("");
-			*length = 0;
-			return_val_if_fail (config != NULL, NULL);
-			return config;
-		}
-		p11_message ("couldn't open config file: %s: %s", filename,
-		             strerror (error));
-		errno = error;
-		return NULL;
-	}
-
-	/* Figure out size */
-	if (fseek (f, 0, SEEK_END) == -1 ||
-	    (len = ftell (f)) == -1 ||
-	    fseek (f, 0, SEEK_SET) == -1) {
-		error = errno;
-		p11_message ("couldn't seek config file: %s", filename);
-		errno = error;
-		return NULL;
-	}
-
-	config = malloc (len + 2);
-	if (config == NULL) {
-		p11_message ("config file is too large to read into memory: %lu", len);
-		errno = ENOMEM;
-		return NULL;
-	}
-
-	/* And read in one block */
-	if (fread (config, 1, len, f) != len) {
-		error = errno;
-		p11_message ("couldn't read config file: %s", filename);
-		free (config);
-		errno = error;
-		return NULL;
-	}
-
-	fclose (f);
-
-	/* Null terminate the data */
-	*length = len;
-	return config;
-}
-
 bool
 _p11_conf_merge_defaults (p11_dict *map,
                           p11_dict *defaults)
@@ -165,22 +95,43 @@ p11_dict *
 _p11_conf_parse_file (const char* filename, int flags)
 {
 	p11_dict *map = NULL;
-	char *data;
+	void *data;
 	p11_lexer lexer;
 	bool failed = false;
 	size_t length;
+	p11_mmap *mmap;
+	int error;
 
 	assert (filename);
 
 	p11_debug ("reading config file: %s", filename);
 
-	data = read_config_file (filename, flags, &length);
-	if (!data)
-		return NULL;
+	mmap = p11_mmap_open (filename, &data, &length);
+	if (mmap == NULL) {
+		error = errno;
+		if ((flags & CONF_IGNORE_MISSING) &&
+		    (error == ENOENT || error == ENOTDIR)) {
+			p11_debug ("config file does not exist");
+
+		} else if ((flags & CONF_IGNORE_ACCESS_DENIED) &&
+		           (error == EPERM || error == EACCES)) {
+			p11_debug ("config file is inaccessible");
+
+		} else {
+			p11_message ("couldn't open config file: %s: %s", filename,
+			             strerror (error));
+			errno = error;
+			return NULL;
+		}
+	}
 
 	map = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, free, free);
 	return_val_if_fail (map != NULL, NULL);
 
+	/* Empty config fall through above */
+	if (mmap == NULL)
+		return map;
+
 	p11_lexer_init (&lexer, filename, data, length);
 	while (p11_lexer_next (&lexer, &failed)) {
 		switch (lexer.tok_type) {
@@ -210,7 +161,7 @@ _p11_conf_parse_file (const char* filename, int flags)
 	}
 
 	p11_lexer_done (&lexer);
-	free (data);
+	p11_mmap_close (mmap);
 
 	if (failed) {
 		p11_dict_free (map);
diff --git a/p11-kit/pin.c b/p11-kit/pin.c
index b64b737..60571de 100644
--- a/p11-kit/pin.c
+++ b/p11-kit/pin.c
@@ -466,7 +466,7 @@ p11_kit_pin_file_callback (const char *pin_source,
 	if (pin_flags & P11_KIT_PIN_FLAGS_RETRY)
 		return NULL;
 
-	fd = open (pin_source, O_BINARY | O_RDONLY);
+	fd = open (pin_source, O_BINARY | O_RDONLY | O_CLOEXEC);
 	if (fd == -1)
 		return NULL;
author	Stef Walter <stef@thewalter.net>	2013-07-16 22:43:37 +0200
committer	Stef Walter <stef@thewalter.net>	2013-07-18 09:25:44 +0200
commit	7dbd451b075e007abd1d398ccfdcf3f91e2658cf (patch)
tree	1a46f82363ecd7fc598a78756adb8e8f1ee98337
parent	9d96f891fdf6267b72fbc60acc862dfd6d410a26 (diff)
download	p11-kit-7dbd451b075e007abd1d398ccfdcf3f91e2658cf.tar.gz