changeset 56600:412ce076c0dc

8224181: On child process spawn, child may write to random file descriptor instead of the fail pipe Reviewed-by: rriggs, martin
author stuefe
date Wed, 05 Jun 2019 08:59:17 +0200
parents bb3359bcf534
children cfd1e298ca33
files src/java.base/unix/native/libjava/childproc.c
diffstat 1 files changed, 7 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/java.base/unix/native/libjava/childproc.c	Wed Jun 05 07:25:09 2019 +0200
+++ b/src/java.base/unix/native/libjava/childproc.c	Wed Jun 05 08:59:17 2019 +0200
@@ -313,6 +313,7 @@
 childProcess(void *arg)
 {
     const ChildStuff* p = (const ChildStuff*) arg;
+    int fail_pipe_fd = p->fail[1];
 
     /* Close the parent sides of the pipes.
        Closing pipe fds here is redundant, since closeDescriptors()
@@ -343,9 +344,12 @@
             goto WhyCantJohnnyExec;
     }
 
-    if (moveDescriptor(p->fail[1], FAIL_FILENO) == -1)
+    if (moveDescriptor(fail_pipe_fd, FAIL_FILENO) == -1)
         goto WhyCantJohnnyExec;
 
+    /* We moved the fail pipe fd */
+    fail_pipe_fd = FAIL_FILENO;
+
     /* close everything */
     if (closeDescriptors() == 0) { /* failed,  close the old way */
         int max_fd = (int)sysconf(_SC_OPEN_MAX);
@@ -377,9 +381,9 @@
      */
     {
         int errnum = errno;
-        restartableWrite(FAIL_FILENO, &errnum, sizeof(errnum));
+        restartableWrite(fail_pipe_fd, &errnum, sizeof(errnum));
     }
-    close(FAIL_FILENO);
+    close(fail_pipe_fd);
     _exit(-1);
     return 0;  /* Suppress warning "no return value from function" */
 }