int
save_cwd (struct saved_cwd *cwd)
{
cwd->name = NULL;
cwd->desc = fd_safer (open (".", O_RDONLY));
if (cwd->desc < 0)
{
cwd->desc = fd_safer (open (".", O_WRONLY));
if (cwd->desc < 0)
{
cwd->name = xgetcwd ();
return cwd->name ? 0 : -1;
}
}
return 0;
}
int
dup_safer (int fd)
{
#ifdef F_DUPFD
return fcntl (fd, F_DUPFD, STDERR_FILENO + 1);
#else
/* fd_safer calls us back, but eventually the recursion unwinds and
does the right thing. */
return fd_safer (dup (fd));
#endif
}
static int
fd_safer (int fd)
{
if (0 <= fd && fd <= 2)
{
int f = fd_safer (dup (fd));
int e = errno;
close (fd);
errno = e;
fd = f;
}
return fd;
}
int
save_cwd (struct saved_cwd *cwd)
{
cwd->name = NULL;
cwd->desc = open (".", O_SEARCH);
if (!GNULIB_FCNTL_SAFER)
cwd->desc = fd_safer (cwd->desc);
if (cwd->desc < 0)
{
cwd->name = getcwd (NULL, 0);
return cwd->name ? 0 : -1;
}
set_cloexec_flag (cwd->desc, true);
return 0;
}
int
open_safer (char const *file, int flags, ...)
{
mode_t mode = 0;
if (flags & O_CREAT)
{
va_list ap;
va_start (ap, flags);
/* We have to use PROMOTED_MODE_T instead of mode_t, otherwise GCC 4
creates crashing code when 'mode_t' is smaller than 'int'. */
mode = va_arg (ap, PROMOTED_MODE_T);
va_end (ap);
}
return fd_safer (open (file, flags, mode));
}
int
pipe_safer (int fd[2])
{
int fail = pipe (fd);
if (fail)
return fail;
{
int i;
for (i = 0; i < 2; i++)
{
int f = fd_safer (fd[i]);
if (f < 0)
return -1;
fd[i] = f;
}
}
return 0;
}
int
main ()
{
char *argv[3] = { "/bin/sh", CHILD_PROGRAM_FILENAME, NULL };
int ofd[2];
sigset_t blocked_signals;
sigset_t fatal_signal_set;
posix_spawn_file_actions_t actions;
bool actions_allocated;
posix_spawnattr_t attrs;
bool attrs_allocated;
int err;
pid_t child;
int fd;
FILE *fp;
int written;
int status;
int exitstatus;
if (pipe (ofd) < 0 || (ofd[1] = fd_safer (ofd[1])) < 0)
{
perror ("cannot create pipe");
exit (1);
}
sigprocmask (SIG_SETMASK, NULL, &blocked_signals);
sigemptyset (&fatal_signal_set);
sigaddset (&fatal_signal_set, SIGINT);
sigaddset (&fatal_signal_set, SIGTERM);
sigaddset (&fatal_signal_set, SIGHUP);
sigaddset (&fatal_signal_set, SIGPIPE);
sigprocmask (SIG_BLOCK, &fatal_signal_set, NULL);
actions_allocated = false;
attrs_allocated = false;
if ((err = posix_spawn_file_actions_init (&actions)) != 0
|| (actions_allocated = true,
(err = posix_spawn_file_actions_adddup2 (&actions, ofd[0], STDIN_FILENO)) != 0
|| (err = posix_spawn_file_actions_addclose (&actions, ofd[0])) != 0
|| (err = posix_spawn_file_actions_addclose (&actions, ofd[1])) != 0
|| (err = posix_spawnattr_init (&attrs)) != 0
|| (attrs_allocated = true,
(err = posix_spawnattr_setsigmask (&attrs, &blocked_signals)) != 0
|| (err = posix_spawnattr_setflags (&attrs, POSIX_SPAWN_SETSIGMASK)) != 0)
|| (err = posix_spawnp (&child, "/bin/sh", &actions, &attrs, argv, environ)) != 0))
{
if (actions_allocated)
posix_spawn_file_actions_destroy (&actions);
if (attrs_allocated)
posix_spawnattr_destroy (&attrs);
sigprocmask (SIG_UNBLOCK, &fatal_signal_set, NULL);
errno = err;
perror ("subprocess failed");
exit (1);
}
posix_spawn_file_actions_destroy (&actions);
posix_spawnattr_destroy (&attrs);
sigprocmask (SIG_UNBLOCK, &fatal_signal_set, NULL);
close (ofd[0]);
fd = ofd[1];
fp = fdopen (fd, "w");
if (fp == NULL)
{
fprintf (stderr, "fdopen() failed\n");
exit (1);
}
written = fwrite ("Halle Potta\n", 1, 12, fp);
if (written < 12)
{
fprintf (stderr, "could not write input\n");
exit (1);
}
fclose (fp);
status = 0;
while (waitpid (child, &status, 0) != child)
;
if (!WIFEXITED (status))
{
fprintf (stderr, "subprocess terminated with unexpected wait status %d\n", status);
exit (1);
}
exitstatus = WEXITSTATUS (status);
if (exitstatus != 0)
{
fprintf (stderr, "subprocess terminated with unexpected exit status %d\n", exitstatus);
exit (1);
}
return 0;
}
/* Like mkstemps, but do not return STDIN_FILENO, STDOUT_FILENO, or
STDERR_FILENO. */
int mkstemps_safer (char *templ, int suffixlen)
{
return fd_safer (mkstemps (templ, suffixlen));
}
int
mkstemp_safer (char *templ)
{
return fd_safer (mkstemp (templ));
}
int
main ()
{
char *argv[3] = { (char *) "/bin/sh", (char *) CHILD_PROGRAM_FILENAME, NULL };
int ifd[2];
sigset_t blocked_signals;
sigset_t fatal_signal_set;
posix_spawn_file_actions_t actions;
bool actions_allocated;
posix_spawnattr_t attrs;
bool attrs_allocated;
int err;
pid_t child;
int fd;
FILE *fp;
char line[80];
int status;
int exitstatus;
if (pipe (ifd) < 0 || (ifd[0] = fd_safer (ifd[0])) < 0)
{
perror ("cannot create pipe");
exit (1);
}
sigprocmask (SIG_SETMASK, NULL, &blocked_signals);
sigemptyset (&fatal_signal_set);
sigaddset (&fatal_signal_set, SIGINT);
sigaddset (&fatal_signal_set, SIGTERM);
sigaddset (&fatal_signal_set, SIGHUP);
sigaddset (&fatal_signal_set, SIGPIPE);
sigprocmask (SIG_BLOCK, &fatal_signal_set, NULL);
actions_allocated = false;
attrs_allocated = false;
if ((err = posix_spawn_file_actions_init (&actions)) != 0
|| (actions_allocated = true,
(err = posix_spawn_file_actions_adddup2 (&actions, ifd[1], STDOUT_FILENO)) != 0
|| (err = posix_spawn_file_actions_addclose (&actions, ifd[1])) != 0
|| (err = posix_spawn_file_actions_addclose (&actions, ifd[0])) != 0
|| (err = posix_spawn_file_actions_addopen (&actions, STDIN_FILENO, "/dev/null", O_RDONLY, 0)) != 0
|| (err = posix_spawnattr_init (&attrs)) != 0
|| (attrs_allocated = true,
(err = posix_spawnattr_setsigmask (&attrs, &blocked_signals)) != 0
|| (err = posix_spawnattr_setflags (&attrs, POSIX_SPAWN_SETSIGMASK)) != 0)
|| (err = posix_spawnp (&child, "/bin/sh", &actions, &attrs, argv, environ)) != 0))
{
if (actions_allocated)
posix_spawn_file_actions_destroy (&actions);
if (attrs_allocated)
posix_spawnattr_destroy (&attrs);
sigprocmask (SIG_UNBLOCK, &fatal_signal_set, NULL);
errno = err;
perror ("subprocess failed");
exit (1);
}
posix_spawn_file_actions_destroy (&actions);
posix_spawnattr_destroy (&attrs);
sigprocmask (SIG_UNBLOCK, &fatal_signal_set, NULL);
close (ifd[1]);
fd = ifd[0];
fp = fdopen (fd, "r");
if (fp == NULL)
{
fprintf (stderr, "fdopen() failed\n");
exit (1);
}
if (fread (line, 1, 80, fp) < 12)
{
fprintf (stderr, "could not read expected output\n");
exit (1);
}
if (memcmp (line, "Halle Potta", 11) != 0)
{
fprintf (stderr, "read output is not the expected output");
exit (1);
}
fclose (fp);
status = 0;
while (waitpid (child, &status, 0) != child)
;
if (!WIFEXITED (status))
{
fprintf (stderr, "subprocess terminated with unexpected wait status %d\n", status);
exit (1);
}
exitstatus = WEXITSTATUS (status);
if (exitstatus != 0)
{
fprintf (stderr, "subprocess terminated with unexpected exit status %d\n", exitstatus);
exit (1);
}
return 0;
}
