commit - c56c5d8a20e8209334b5357111eddee0861cddae
commit + 063406214771fb1483c7582bc7bd45f5d6b26c48
blob - 80ebfff77699c5f142553d1bb53741dd96067f3f
blob + 74fe659e70bb073b8f4a4b266a409395c5b01931
--- got/got.c
+++ got/got.c
goto done;
}
} else {
- fd = open(abspath, O_RDONLY | O_NOFOLLOW);
+ fd = open(abspath, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (!got_err_open_nofollow_on_symlink()) {
err = got_error_from_errno2("open",
blob - 38acc9c78c5f563fd844785003973ca9c8bcd73e
blob + 81cb102bcbf8ddf00aaaf664ea966a84e5765f0b
--- lib/buf.c
+++ lib/buf.c
const struct got_error *err = NULL;
int fd;
open:
- if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, mode)) == -1) {
+ if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, mode)) == -1) {
err = got_error_from_errno2("open", path);
if (errno == EACCES && unlink(path) != -1)
goto open;
blob - 52d754a3a69afa383b42fc9f243286a0fecf6e54
blob + 1ddbfbd79094402036ca23f218434375d9870239
--- lib/gotconfig.c
+++ lib/gotconfig.c
if (*conf == NULL)
return got_error_from_errno("calloc");
- fd = open(gotconfig_path, O_RDONLY);
+ fd = open(gotconfig_path, O_RDONLY | O_CLOEXEC);
if (fd == -1) {
if (errno == ENOENT)
return NULL;
blob - 165216e417422d26d0b171457e55841b60a1fe94
blob + f329f0ce1b044f1a4e9d126d1601c61dcec503cf
--- lib/lockfile.c
+++ lib/lockfile.c
GOT_DEFAULT_FILE_MODE);
} else {
(*lf)->fd = open((*lf)->path,
- O_RDONLY | O_CREAT | O_EXCL | O_EXLOCK,
+ O_RDONLY | O_CREAT | O_EXCL | O_EXLOCK | O_CLOEXEC,
GOT_DEFAULT_FILE_MODE);
}
if ((*lf)->fd != -1)
blob - f997c6e8b0b6ca0e1730e6d4660cfef42b2e8ea9
blob + 0e77d684720b67f6919ed8aa2215ca28b4c08ace
--- lib/object.c
+++ lib/object.c
err = got_object_get_path(&path, id, repo);
if (err)
return err;
- *fd = open(path, O_RDONLY | O_NOFOLLOW);
+ *fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (*fd == -1) {
err = got_error_from_errno2("open", path);
goto done;
blob - d171abf9397410bf71dad3f0814476feecd33231
blob + 51c96606e75fe17ae655cdbfbebff6e2b366783c
--- lib/object_create.c
+++ lib/object_create.c
SHA1Init(&sha1_ctx);
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (!got_err_open_nofollow_on_symlink())
return got_error_from_errno2("open", ondisk_path);
blob - c35a92ea03b51f220e0188cf6a0c9afae627094f
blob + 84618978884eb4dafa26d9ca5e223741bb88cf1f
--- lib/path.c
+++ lib/path.c
const struct got_error *err = NULL;
int fd = -1;
- fd = open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW,
+ fd = open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC,
GOT_DEFAULT_FILE_MODE);
if (fd == -1) {
err = got_error_from_errno2("open", path);
blob - a5d6593a9f5cdcacb01699ad5efa1bbfc2aa78f8
blob + 1a48cc6fbe11cca415c2f0cf8bec78db23888941
--- lib/repository.c
+++ lib/repository.c
err = got_error_from_errno("strdup");
goto done;
}
- repo->gitdir_fd = open(repo->path_git_dir, O_DIRECTORY);
+ repo->gitdir_fd = open(repo->path_git_dir,
+ O_DIRECTORY | O_CLOEXEC);
if (repo->gitdir_fd == -1) {
err = got_error_from_errno2("open",
repo->path_git_dir);
err = got_error_from_errno("strdup");
goto done;
}
- repo->gitdir_fd = open(repo->path_git_dir, O_DIRECTORY);
+ repo->gitdir_fd = open(repo->path_git_dir,
+ O_DIRECTORY | O_CLOEXEC);
if (repo->gitdir_fd == -1) {
err = got_error_from_errno2("open",
repo->path_git_dir);
if (gitconfig_owner)
*gitconfig_owner = NULL;
- fd = open(gitconfig_path, O_RDONLY);
+ fd = open(gitconfig_path, O_RDONLY | O_CLOEXEC);
if (fd == -1) {
if (errno == ENOENT)
return NULL;
blob - f73c38388a2637a76122e000a939cc43c4314c89
blob + 6b3999173b914646a3f1c15bceeafb2cb21db292
--- lib/repository_admin.c
+++ lib/repository_admin.c
goto done;
}
- packfd = open(packfile_path, O_RDONLY | O_NOFOLLOW);
+ packfd = open(packfile_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (packfd == -1) {
err = got_error_from_errno2("open", packfile_path);
goto done;
blob - d94768b2398accc766c38e127453d48e2393841b
blob + 2dcfd9925316591111540d22e46e18eda34a0249
--- lib/worktree.c
+++ lib/worktree.c
goto done;
} else {
int fd;
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
err = got_error_from_errno2("open", ondisk_path);
goto done;
* caller. If we can successfully open a regular file then we simply
* replace this file with a symlink below.
*/
- fd = open(ondisk_path, O_RDWR | O_EXCL | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDWR | O_EXCL | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (!got_err_open_nofollow_on_symlink())
return got_error_from_errno2("open", ondisk_path);
int update = 0;
char *tmppath = NULL;
- fd = open(ondisk_path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW,
- GOT_DEFAULT_FILE_MODE);
+ fd = open(ondisk_path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW |
+ O_CLOEXEC, GOT_DEFAULT_FILE_MODE);
if (fd == -1) {
if (errno == ENOENT) {
char *parent;
if (err)
return err;
fd = open(ondisk_path,
- O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW,
+ O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC,
GOT_DEFAULT_FILE_MODE);
if (fd == -1)
return got_error_from_errno2("open",
goto done;
}
} else {
- fd = open(abspath, O_RDONLY | O_NOFOLLOW);
+ fd = open(abspath, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1 && errno != ENOENT &&
!got_err_open_nofollow_on_symlink())
return got_error_from_errno2("open", abspath);
if (err)
goto done;
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
err = got_error_from_errno2("open",
ondisk_path);
worktree->root_path, path[0] ? "/" : "", path) == -1)
return got_error_from_errno("asprintf");
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_DIRECTORY);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_DIRECTORY | O_CLOEXEC);
if (fd == -1) {
if (errno != ENOTDIR && errno != ENOENT && errno != EACCES &&
!got_err_open_nofollow_on_symlink())
sb2.st_size = link_len;
}
} else {
- fd2 = open(path2, O_RDONLY | O_NOFOLLOW);
+ fd2 = open(path2, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd2 == -1) {
if (!got_err_open_nofollow_on_symlink()) {
err = got_error_from_errno2("open", path2);
goto done;
} else {
int fd;
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path,
+ O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
err = got_error_from_errno2("open", ondisk_path);
goto done;
blob - b1be918797b1c5017af449c92ce580ae9a11ffe9
blob + c2e7cf9af0b789d231a7426c323a6b7ddfafb726
--- lib/worktree_open.c
+++ lib/worktree_open.c
goto done;
}
- fd = open(path, O_RDONLY | O_NOFOLLOW);
+ fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (errno == ENOENT)
err = got_error_path(path, GOT_ERR_WORKTREE_META);
goto done;
}
- fd = open(path_lock, O_RDWR | O_EXLOCK | O_NONBLOCK);
+ fd = open(path_lock, O_RDWR | O_EXLOCK | O_NONBLOCK | O_CLOEXEC);
if (fd == -1) {
err = (errno == EWOULDBLOCK ? got_error(GOT_ERR_WORKTREE_BUSY)
: got_error_from_errno2("open", path_lock));
err = got_gotconfig_read(&(*worktree)->gotconfig,
(*worktree)->gotconfig_path);
- (*worktree)->root_fd = open((*worktree)->root_path, O_DIRECTORY);
+ (*worktree)->root_fd = open((*worktree)->root_path,
+ O_DIRECTORY | O_CLOEXEC);
if ((*worktree)->root_fd == -1) {
err = got_error_from_errno2("open", (*worktree)->root_path);
goto done;