spawn: close all file descriptors before execve

No need to give whatever we're calling access to what we use
2025-12-22 23:26:44 -08:00 · 2018-10-16 18:08:36 +00:00
parent 5c85da5a73
commit c774392985
3 changed files with 25 additions and 0 deletions
--- a/src/common/util.cpp
+++ b/src/common/util.cpp
@@ -28,6 +28,7 @@
 // 
 // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers

+#include <unistd.h>
 #include <cstdio>

 #ifdef __GLIBC__
@@ -967,4 +968,23 @@ std::string get_nix_version_display_string()
  }
 #endif

+  void closefrom(int fd)
+  {
+#if defined __FreeBSD__ || defined __OpenBSD__ || defined __NetBSD__ || defined __DragonFly__
+    ::closefrom(fd);
+#else
+#if defined __GLIBC__
+    const int sc_open_max =  sysconf(_SC_OPEN_MAX);
+    const int MAX_FDS = std::min(65536, sc_open_max);
+#else
+    const int MAX_FDS = 65536;
+#endif
+    while (fd < MAX_FDS)
+    {
+      close(fd);
+      ++fd;
+    }
+#endif
+  }
+
 }