[packages/xsane.git] / xsane-0.995-close-fds.patch

# from Fedora
# submitted to upstream (Oliver Rauch) via email, 2009-08-18

From 6dee7eadd1b7352ec503ea04fa1639d4a93f370b Mon Sep 17 00:00:00 2001
From: Nils Philippsen <nils@redhat.com>
Date: Thu, 16 Aug 2012 11:18:31 +0200
Subject: [PATCH] patch: close-fds

Squashed commit of the following:

commit 4fdedd3a8b66fb42b2d4dde62df28c78571c1c5d
Author: Nils Philippsen <nils@redhat.com>
Date:   Fri Nov 19 12:15:58 2010 +0100

    don't leak file descriptors to help browser process (#455450)
---
 src/xsane.c | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/src/xsane.c b/src/xsane.c
index 775610e..1c5d61d 100644
--- a/src/xsane.c
+++ b/src/xsane.c
@@ -48,6 +48,8 @@
 
 #include <sys/wait.h>
 
+#include <stdarg.h>
+
 /* ---------------------------------------------------------------------------------------------------------------------- */
 
 struct option long_options[] =
@@ -3684,6 +3686,41 @@ static void xsane_show_gpl(GtkWidget *widget, gpointer data)
 
 /* ---------------------------------------------------------------------------------------------------------------------- */
 
+static void xsane_close_fds_for_exec(signed int first_fd_to_leave_open, ...)
+{
+ int open_max;
+ signed int i;
+
+ va_list ap;
+ unsigned char *close_fds;
+
+  open_max = (int) sysconf (_SC_OPEN_MAX);
+
+  close_fds = malloc (open_max);
+
+  memset (close_fds, 1, open_max);
+
+  va_start (ap, first_fd_to_leave_open);
+
+  for (i = first_fd_to_leave_open; i >= 0; i = va_arg (ap, signed int)) {
+    if (i < open_max)
+      close_fds[i] = 0;
+  }
+
+  va_end (ap);
+
+  DBG(DBG_info, "closing unneeded file descriptors\n");
+
+  for (i = 0; i < open_max; i++) {
+    if (close_fds[i])
+      close (i);
+  }
+
+  free (close_fds);
+}
+
+/* ---------------------------------------------------------------------------------------------------------------------- */
+
 static void xsane_show_doc_via_nsr(GtkWidget *widget, gpointer data) /* show via netscape remote */
 {
  char *name = (char *) data;
@@ -3736,6 +3773,8 @@ static void xsane_show_doc_via_nsr(GtkWidget *widget, gpointer data) /* show via
         ipc_file = fdopen(xsane.ipc_pipefd[1], "w");
       }
 
+      xsane_close_fds_for_exec (1, 2, xsane.ipc_pipefd[1], -1);
+
       DBG(DBG_info, "trying to change user id for new subprocess:\n");
       DBG(DBG_info, "old effective uid = %d\n", (int) geteuid());
       setuid(getuid());
@@ -3778,6 +3817,8 @@ static void xsane_show_doc_via_nsr(GtkWidget *widget, gpointer data) /* show via
         ipc_file = fdopen(xsane.ipc_pipefd[1], "w");
       }
 
+      xsane_close_fds_for_exec (1, 2, xsane.ipc_pipefd[1], -1);
+
       DBG(DBG_info, "trying to change user id for new subprocess:\n");
       DBG(DBG_info, "old effective uid = %d\n", (int) geteuid());
       setuid(getuid());
@@ -3899,6 +3940,8 @@ static void xsane_show_doc(GtkWidget *widget, gpointer data)
         ipc_file = fdopen(xsane.ipc_pipefd[1], "w");
       }
 
+      xsane_close_fds_for_exec (1, 2, xsane.ipc_pipefd[1], -1);
+
       DBG(DBG_info, "trying to change user id for new subprocess:\n");
       DBG(DBG_info, "old effective uid = %d\n", (int) geteuid());
       setuid(getuid());
-- 
1.7.11.4
Commit	Line	Data
94120488 ER	1	# from Fedora
	2	# submitted to upstream (Oliver Rauch) via email, 2009-08-18
	3
12d07cfb AM	4	From 6dee7eadd1b7352ec503ea04fa1639d4a93f370b Mon Sep 17 00:00:00 2001
	5	From: Nils Philippsen <nils@redhat.com>
	6	Date: Thu, 16 Aug 2012 11:18:31 +0200
	7	Subject: [PATCH] patch: close-fds
	8
	9	Squashed commit of the following:
	10
	11	commit 4fdedd3a8b66fb42b2d4dde62df28c78571c1c5d
	12	Author: Nils Philippsen <nils@redhat.com>
	13	Date: Fri Nov 19 12:15:58 2010 +0100
	14
	15	don't leak file descriptors to help browser process (#455450)
	16	---
	17	src/xsane.c \| 43 +++++++++++++++++++++++++++++++++++++++++++
	18	1 file changed, 43 insertions(+)
	19
	20	diff --git a/src/xsane.c b/src/xsane.c
	21	index 775610e..1c5d61d 100644
	22	--- a/src/xsane.c
	23	+++ b/src/xsane.c
	24	@@ -48,6 +48,8 @@
	25
	26	#include <sys/wait.h>
	27
	28	+#include <stdarg.h>
	29	+
	30	/* ---------------------------------------------------------------------------------------------------------------------- */
	31
	32	struct option long_options[] =
	33	@@ -3684,6 +3686,41 @@ static void xsane_show_gpl(GtkWidget *widget, gpointer data)
	34
	35	/* ---------------------------------------------------------------------------------------------------------------------- */
	36
	37	+static void xsane_close_fds_for_exec(signed int first_fd_to_leave_open, ...)
	38	+{
	39	+ int open_max;
	40	+ signed int i;
	41	+
	42	+ va_list ap;
	43	+ unsigned char *close_fds;
	44	+
	45	+ open_max = (int) sysconf (_SC_OPEN_MAX);
	46	+
	47	+ close_fds = malloc (open_max);
	48	+
	49	+ memset (close_fds, 1, open_max);
	50	+
	51	+ va_start (ap, first_fd_to_leave_open);
	52	+
	53	+ for (i = first_fd_to_leave_open; i >= 0; i = va_arg (ap, signed int)) {
	54	+ if (i < open_max)
	55	+ close_fds[i] = 0;
	56	+ }
	57	+
	58	+ va_end (ap);
	59	+
	60	+ DBG(DBG_info, "closing unneeded file descriptors\n");
	61	+
	62	+ for (i = 0; i < open_max; i++) {
	63	+ if (close_fds[i])
	64	+ close (i);
	65	+ }
	66	+
	67	+ free (close_fds);
68	+}
69	+
70	+/* ---------------------------------------------------------------------------------------------------------------------- */
71	+
72	static void xsane_show_doc_via_nsr(GtkWidget widget, gpointer data) / show via netscape remote */
73	{
74	char name = (char ) data;
75	@@ -3736,6 +3773,8 @@ static void xsane_show_doc_via_nsr(GtkWidget widget, gpointer data) / show via
76	ipc_file = fdopen(xsane.ipc_pipefd[1], "w");
77	}
78
79	+ xsane_close_fds_for_exec (1, 2, xsane.ipc_pipefd[1], -1);
80	+
81	DBG(DBG_info, "trying to change user id for new subprocess:\n");
82	DBG(DBG_info, "old effective uid = %d\n", (int) geteuid());
83	setuid(getuid());
84	@@ -3778,6 +3817,8 @@ static void xsane_show_doc_via_nsr(GtkWidget widget, gpointer data) / show via
85	ipc_file = fdopen(xsane.ipc_pipefd[1], "w");
86	}
87
88	+ xsane_close_fds_for_exec (1, 2, xsane.ipc_pipefd[1], -1);
89	+
90	DBG(DBG_info, "trying to change user id for new subprocess:\n");
91	DBG(DBG_info, "old effective uid = %d\n", (int) geteuid());
92	setuid(getuid());
93	@@ -3899,6 +3940,8 @@ static void xsane_show_doc(GtkWidget *widget, gpointer data)
94	ipc_file = fdopen(xsane.ipc_pipefd[1], "w");
95	}
96
97	+ xsane_close_fds_for_exec (1, 2, xsane.ipc_pipefd[1], -1);
98	+
99	DBG(DBG_info, "trying to change user id for new subprocess:\n");
100	DBG(DBG_info, "old effective uid = %d\n", (int) geteuid());
101	setuid(getuid());
102	--
103	1.7.11.4
104