the rndlinux module opens a file handle and never closes it
christianbiere at gmx.de
Mon Dec 18 16:29:57 CET 2006
Max Kellermann wrote:
> The function _gcry_rndlinux_gather_random() in cipher/rndlinux.c opens
> two file handles (fd_random and fd_urandom) which are never closed.
> Since it does not apply the FD_CLOEXEC flag, all subprocesses will
> inherit these two handles without ever using them.
> Please apply this patch which sets the FD_CLOEXEC flag.
The correct way to set this flag is this:
int flags = fcntl(fd, F_GETFD);
flags |= FD_CLOEXEC;
fcntl(fd, F_SETFD, flags);
Paranoids would even check for errors.
More information about the Gcrypt-devel