[gnutls-devel] GnuTLS | GnuTLS leaks file descriptors in child processes (#985)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Fri May 8 18:03:39 CEST 2020
Remi Denis-Courmont commented:
I doubt that. Normally you need the flag to be set atomically in multi-thread context. That's the whole point of using *_CLOEXEC flags.
Otherwise there is a race if a thread calls `fork()` between the `fopen()` and the `set_close_exec()` flag. `fork()` copies the flag at the time of forking.
For instance:
* Thread A calls `gnutls_handshake()`... which opens the master key log file with `fopen()`.
* This creates a new file descriptor (without close-on-exec flag).
* Thread B calls `fork()` from application code.
* The file descriptor is copied into the child process (also without the close-on-exec flag).
* Thread A calls `set_close_exec()` (or directly `fcntl()`).
* This sets the flag on the parent process FD, but not the child process FD.
* Child process calls `execv()` oblivious to the FD. The master key log FD is leaked to the child process.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/985#note_339180992