dumpstate: add O_CLOEXEC
Add O_CLOEXEC to various file descriptor calls, to avoid
leaking file descriptors to dumpstate's child processes.
Bug: 18342188
Change-Id: I74c47a98dfddc29c618067ad53d879b98ed1d87a
diff --git a/cmds/dumpstate/dumpstate.c b/cmds/dumpstate/dumpstate.c
index 84f079d..f69a72d 100644
--- a/cmds/dumpstate/dumpstate.c
+++ b/cmds/dumpstate/dumpstate.c
@@ -440,7 +440,7 @@
/* set as high priority, and protect from OOM killer */
setpriority(PRIO_PROCESS, 0, -20);
- FILE *oom_adj = fopen("/proc/self/oom_adj", "w");
+ FILE *oom_adj = fopen("/proc/self/oom_adj", "we");
if (oom_adj) {
fputs("-17", oom_adj);
fclose(oom_adj);
@@ -473,15 +473,14 @@
/* open the vibrator before dropping root */
FILE *vibrator = 0;
if (do_vibrate) {
- vibrator = fopen("/sys/class/timed_output/vibrator/enable", "w");
+ vibrator = fopen("/sys/class/timed_output/vibrator/enable", "we");
if (vibrator) {
- fcntl(fileno(vibrator), F_SETFD, FD_CLOEXEC);
vibrate(vibrator, 150);
}
}
/* read /proc/cmdline before dropping root */
- FILE *cmdline = fopen("/proc/cmdline", "r");
+ FILE *cmdline = fopen("/proc/cmdline", "re");
if (cmdline != NULL) {
fgets(cmdline_buf, sizeof(cmdline_buf), cmdline);
fclose(cmdline);
diff --git a/cmds/dumpstate/utils.c b/cmds/dumpstate/utils.c
index 27b9fb1..cf14c8b 100644
--- a/cmds/dumpstate/utils.c
+++ b/cmds/dumpstate/utils.c
@@ -104,7 +104,7 @@
sprintf(cmdpath,"/proc/%d/cmdline", pid);
memset(cmdline, 0, sizeof(cmdline));
- if ((fd = TEMP_FAILURE_RETRY(open(cmdpath, O_RDONLY))) < 0) {
+ if ((fd = TEMP_FAILURE_RETRY(open(cmdpath, O_RDONLY | O_CLOEXEC))) < 0) {
strcpy(cmdline, "N/A");
} else {
read(fd, cmdline, sizeof(cmdline) - 1);
@@ -155,7 +155,7 @@
sprintf(commpath,"/proc/%d/comm", tid);
memset(comm, 0, sizeof(comm));
- if ((fd = TEMP_FAILURE_RETRY(open(commpath, O_RDONLY))) < 0) {
+ if ((fd = TEMP_FAILURE_RETRY(open(commpath, O_RDONLY | O_CLOEXEC))) < 0) {
strcpy(comm, "N/A");
} else {
char *c;
@@ -186,7 +186,7 @@
memset(buffer, 0, sizeof(buffer));
sprintf(path, "/proc/%d/wchan", tid);
- if ((fd = TEMP_FAILURE_RETRY(open(path, O_RDONLY))) < 0) {
+ if ((fd = TEMP_FAILURE_RETRY(open(path, O_RDONLY | O_CLOEXEC))) < 0) {
printf("Failed to open '%s' (%s)\n", path, strerror(errno));
return;
}
@@ -499,6 +499,7 @@
fprintf(stderr, "android_get_control_socket(%s): %s\n", service, strerror(errno));
exit(1);
}
+ fcntl(s, F_SETFD, FD_CLOEXEC);
if (listen(s, 4) < 0) {
fprintf(stderr, "listen(control socket): %s\n", strerror(errno));
exit(1);
@@ -535,7 +536,7 @@
}
}
- int fd = TEMP_FAILURE_RETRY(open(path, O_WRONLY | O_CREAT | O_TRUNC,
+ int fd = TEMP_FAILURE_RETRY(open(path, O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC,
S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH));
if (fd < 0) {
fprintf(stderr, "%s: %s\n", path, strerror(errno));
@@ -591,7 +592,7 @@
}
/* create a new, empty traces.txt file to receive stack dumps */
- int fd = TEMP_FAILURE_RETRY(open(traces_path, O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW,
+ int fd = TEMP_FAILURE_RETRY(open(traces_path, O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW | O_CLOEXEC,
0666)); /* -rw-rw-rw- */
if (fd < 0) {
fprintf(stderr, "%s: %s\n", traces_path, strerror(errno));
@@ -642,7 +643,7 @@
if (!strncmp(data, "/system/bin/app_process", strlen("/system/bin/app_process"))) {
/* skip zygote -- it won't dump its stack anyway */
snprintf(path, sizeof(path), "/proc/%d/cmdline", pid);
- int cfd = TEMP_FAILURE_RETRY(open(path, O_RDONLY));
+ int cfd = TEMP_FAILURE_RETRY(open(path, O_RDONLY | O_CLOEXEC));
len = read(cfd, data, sizeof(data) - 1);
close(cfd);
if (len <= 0) {
@@ -727,7 +728,7 @@
void dump_route_tables() {
const char* const RT_TABLES_PATH = "/data/misc/net/rt_tables";
dump_file("RT_TABLES", RT_TABLES_PATH);
- FILE* fp = fopen(RT_TABLES_PATH, "r");
+ FILE* fp = fopen(RT_TABLES_PATH, "re");
if (!fp) {
printf("*** %s: %s\n", RT_TABLES_PATH, strerror(errno));
return;