spawn: close all file descriptors before execve

No need to give whatever we're calling access to what we use
author: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2018-10-16 18:08:36 +0000
committer: moneromooo-monero <moneromooo-monero@users.noreply.github.com> 2018-10-17 09:31:34 +0000
commit: c77439298591792601f8c3f4c94950ef6e2c542a (patch)
tree: af4aa7da9819246934bf30677c590ad55985de30 /src/common/util.cpp
parent: Merge pull request #4610 (diff)
download: monero-c77439298591792601f8c3f4c94950ef6e2c542a.tar.xz
1 files changed, 20 insertions, 0 deletions
diff --git a/src/common/util.cpp b/src/common/util.cpp
index 2a1d49af0..9afeb2607 100644
--- a/src/common/util.cpp
+++ b/src/common/util.cpp
@@ -28,6 +28,7 @@
 // 
 // Parts of this file are originally copyright (c) 2012-2013 The Cryptonote developers
 
+#include <unistd.h>
 #include <cstdio>
 
 #ifdef __GLIBC__
@@ -967,4 +968,23 @@ std::string get_nix_version_display_string()
   }
 #endif
 
+  void closefrom(int fd)
+  {
+#if defined __FreeBSD__ || defined __OpenBSD__ || defined __NetBSD__ || defined __DragonFly__
+    ::closefrom(fd);
+#else
+#if defined __GLIBC__
+    const int sc_open_max =  sysconf(_SC_OPEN_MAX);
+    const int MAX_FDS = std::min(65536, sc_open_max);
+#else
+    const int MAX_FDS = 65536;
+#endif
+    while (fd < MAX_FDS)
+    {
+      close(fd);
+      ++fd;
+    }
+#endif
+  }
+
 }
author	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2018-10-16 18:08:36 +0000
committer	moneromooo-monero <moneromooo-monero@users.noreply.github.com>	2018-10-17 09:31:34 +0000
commit	c77439298591792601f8c3f4c94950ef6e2c542a (patch)
tree	af4aa7da9819246934bf30677c590ad55985de30 /src/common/util.cpp
parent	Merge pull request #4610 (diff)
download	monero-c77439298591792601f8c3f4c94950ef6e2c542a.tar.xz