commit - 00fe21f262ab567bb792120514b49b37236c5422
commit + 8bd0cdad05519cbb08d8d11223bdde0472678150
blob - 3ed755af645b180970e90d42b138fb2269beb206
blob + 49c56bc9c0b68bfb9d7d28804b171f641b6baef8
--- got/got.c
+++ got/got.c
goto done;
}
} else {
- fd = open(abspath, O_RDONLY | O_NOFOLLOW);
+ fd = open(abspath, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (!got_err_open_nofollow_on_symlink()) {
err = got_error_from_errno2("open",
blob - f17dddcabf8aa19fd01c17dec68dc1a8ec2dd748
blob + 05d16ce90ea867ddc912cd1321d68b0262228307
--- lib/buf.c
+++ lib/buf.c
const struct got_error *err = NULL;
int fd;
open:
- if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC, mode)) == -1) {
+ if ((fd = open(path, O_WRONLY|O_CREAT|O_TRUNC|O_CLOEXEC, mode)) == -1) {
err = got_error_from_errno2("open", path);
if (errno == EACCES && unlink(path) != -1)
goto open;
blob - 7133ec58bdbaf535f13ad65c71428d7eb891a975
blob + 664f170821f75b4356a1f141c1aebcf860ac1868
--- lib/gotconfig.c
+++ lib/gotconfig.c
if (*conf == NULL)
return got_error_from_errno("calloc");
- fd = open(gotconfig_path, O_RDONLY);
+ fd = open(gotconfig_path, O_RDONLY | O_CLOEXEC);
if (fd == -1) {
if (errno == ENOENT)
return NULL;
blob - 846038c091fec21e8c028ab14a6fcdb0ea52c913
blob + 7d5db032fc35c2694da442ac214b29a5307fbc8f
--- lib/lockfile.c
+++ lib/lockfile.c
GOT_DEFAULT_FILE_MODE);
} else {
(*lf)->fd = open((*lf)->path,
- O_RDONLY | O_CREAT | O_EXCL | O_EXLOCK,
+ O_RDONLY | O_CREAT | O_EXCL | O_EXLOCK | O_CLOEXEC,
GOT_DEFAULT_FILE_MODE);
}
if ((*lf)->fd != -1)
blob - 5cfc0aee3892c25a4378b608302c31ca629fcabd
blob + a4cf395476aee75f57a0281a2184b91a09e360e3
--- lib/object.c
+++ lib/object.c
err = got_object_get_path(&path, id, repo);
if (err)
return err;
- *fd = open(path, O_RDONLY | O_NOFOLLOW);
+ *fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (*fd == -1) {
err = got_error_from_errno2("open", path);
goto done;
blob - 00534701c31ba3b8106d4b8a5c90d239e6320279
blob + e5e4c44c8a0327211b0094775682f2bed8ea42a8
--- lib/object_create.c
+++ lib/object_create.c
SHA1Init(&sha1_ctx);
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (!got_err_open_nofollow_on_symlink())
return got_error_from_errno2("open", ondisk_path);
blob - d94d085c6a81b1232aacfe54421d5ffa740b8393
blob + a00402e5edffaefb92ba18770b49fc07c8826c58
--- lib/path.c
+++ lib/path.c
const struct got_error *err = NULL;
int fd = -1;
- fd = open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW,
+ fd = open(path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC,
GOT_DEFAULT_FILE_MODE);
if (fd == -1) {
err = got_error_from_errno2("open", path);
blob - 3c4b83d77f6d8a35b74a2aeaffe36f60f8f0a7c3
blob + 76be29a1defe649f248e3d3f58461d3750f2cf49
--- lib/repository.c
+++ lib/repository.c
err = got_error_from_errno("strdup");
goto done;
}
- repo->gitdir_fd = open(repo->path_git_dir, O_DIRECTORY);
+ repo->gitdir_fd = open(repo->path_git_dir,
+ O_DIRECTORY | O_CLOEXEC);
if (repo->gitdir_fd == -1) {
err = got_error_from_errno2("open",
repo->path_git_dir);
err = got_error_from_errno("strdup");
goto done;
}
- repo->gitdir_fd = open(repo->path_git_dir, O_DIRECTORY);
+ repo->gitdir_fd = open(repo->path_git_dir,
+ O_DIRECTORY | O_CLOEXEC);
if (repo->gitdir_fd == -1) {
err = got_error_from_errno2("open",
repo->path_git_dir);
if (gitconfig_owner)
*gitconfig_owner = NULL;
- fd = open(gitconfig_path, O_RDONLY);
+ fd = open(gitconfig_path, O_RDONLY | O_CLOEXEC);
if (fd == -1) {
if (errno == ENOENT)
return NULL;
blob - d7d0ab9f80f5bc272b6a81a901c3647364c3e962
blob + 3eb6c068c9ec8ad604a9aed5b210039352af5827
--- lib/repository_admin.c
+++ lib/repository_admin.c
goto done;
}
- packfd = open(packfile_path, O_RDONLY | O_NOFOLLOW);
+ packfd = open(packfile_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (packfd == -1) {
err = got_error_from_errno2("open", packfile_path);
goto done;
blob - 5cb71cf2d175571202994bb618fbe611d6b96a53
blob + 213dabaab415529a22bc24fe5a59b6232be0184a
--- lib/worktree.c
+++ lib/worktree.c
goto done;
} else {
int fd;
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
err = got_error_from_errno2("open", ondisk_path);
goto done;
* caller. If we can successfully open a regular file then we simply
* replace this file with a symlink below.
*/
- fd = open(ondisk_path, O_RDWR | O_EXCL | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDWR | O_EXCL | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (!got_err_open_nofollow_on_symlink())
return got_error_from_errno2("open", ondisk_path);
int update = 0;
char *tmppath = NULL;
- fd = open(ondisk_path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW,
- GOT_DEFAULT_FILE_MODE);
+ fd = open(ondisk_path, O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW |
+ O_CLOEXEC, GOT_DEFAULT_FILE_MODE);
if (fd == -1) {
if (errno == ENOENT) {
char *parent;
if (err)
return err;
fd = open(ondisk_path,
- O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW,
+ O_RDWR | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC,
GOT_DEFAULT_FILE_MODE);
if (fd == -1)
return got_error_from_errno2("open",
goto done;
}
} else {
- fd = open(abspath, O_RDONLY | O_NOFOLLOW);
+ fd = open(abspath, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1 && errno != ENOENT &&
!got_err_open_nofollow_on_symlink())
return got_error_from_errno2("open", abspath);
if (err)
goto done;
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
err = got_error_from_errno2("open",
ondisk_path);
worktree->root_path, path[0] ? "/" : "", path) == -1)
return got_error_from_errno("asprintf");
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_DIRECTORY);
+ fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW | O_DIRECTORY | O_CLOEXEC);
if (fd == -1) {
if (errno != ENOTDIR && errno != ENOENT && errno != EACCES &&
!got_err_open_nofollow_on_symlink())
sb2.st_size = link_len;
}
} else {
- fd2 = open(path2, O_RDONLY | O_NOFOLLOW);
+ fd2 = open(path2, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd2 == -1) {
if (!got_err_open_nofollow_on_symlink()) {
err = got_error_from_errno2("open", path2);
goto done;
} else {
int fd;
- fd = open(ondisk_path, O_RDONLY | O_NOFOLLOW);
+ fd = open(ondisk_path,
+ O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
err = got_error_from_errno2("open", ondisk_path);
goto done;
blob - 4a589cf5ece62d780a9e4fac1215b2df6a5ea5cc
blob + 965700c2ad7edf85000a045f92b3727fc9ebc460
--- lib/worktree_open.c
+++ lib/worktree_open.c
goto done;
}
- fd = open(path, O_RDONLY | O_NOFOLLOW);
+ fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
if (fd == -1) {
if (errno == ENOENT)
err = got_error_path(path, GOT_ERR_WORKTREE_META);
goto done;
}
- fd = open(path_lock, O_RDWR | O_EXLOCK | O_NONBLOCK);
+ fd = open(path_lock, O_RDWR | O_EXLOCK | O_NONBLOCK | O_CLOEXEC);
if (fd == -1) {
err = (errno == EWOULDBLOCK ? got_error(GOT_ERR_WORKTREE_BUSY)
: got_error_from_errno2("open", path_lock));
err = got_gotconfig_read(&(*worktree)->gotconfig,
(*worktree)->gotconfig_path);
- (*worktree)->root_fd = open((*worktree)->root_path, O_DIRECTORY);
+ (*worktree)->root_fd = open((*worktree)->root_path,
+ O_DIRECTORY | O_CLOEXEC);
if ((*worktree)->root_fd == -1) {
err = got_error_from_errno2("open", (*worktree)->root_path);
goto done;