
Bug#696297: qt4-x11: Sets FD_CLOEXEC incorrectly with F_SETFL instead of F_SETFD



Source: qt4-x11
Version: 4:4.8.2+dfsg-6
Severity: important
Tags: patch
User: debian-bsd@lists.debian.org
Usertags: fcntl-fd-cloexec

Hi!

This package contains code that tries to set the FD_CLOEXEC flag for a
file descriptor, but it does so using F_SETFL instead of F_SETFD.

Using that value on F_SETFL is just wrong, and might make the call fail
on some systems, as it's requesting to set an undetermined flag. For
example on GNU/* FD_CLOEXEC has value 1, which matches with O_WRONLY.

This might cause the code to at least leak file descriptors, and at
worst to terminate execution.

Attached a patch fixing this. (I'm filing bug reports for webkit and
the other webkit embedding packages too.)

Thanks,
Guillem
From b3252abcc5a9a7be2bd2315a077b4977e9ec3b83 Mon Sep 17 00:00:00 2001
From: Guillem Jover <guillem@hadrons.org>
Date: Wed, 19 Dec 2012 00:37:19 +0100
Subject: [PATCH] qt4-x11: Set FD_CLOEXEC correctly using F_SETFD not F_SETFL

Using that value on F_SETFL is just wrong, and might make the call fail
on some systems, as it's requesting to set an undetermined flag. For
example on GNU/* FD_CLOEXEC has value 1, which matches with O_WRONLY.

This might cause the code to at least leak file descriptors, and at worst
to terminate execution.
---
 .../webkit/Source/WebKit2/Platform/CoreIPC/unix/ConnectionUnix.cpp      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/3rdparty/webkit/Source/WebKit2/Platform/CoreIPC/unix/ConnectionUnix.cpp b/src/3rdparty/webkit/Source/WebKit2/Platform/CoreIPC/unix/ConnectionUnix.cpp
index 92ffff3..588a3a6 100644
--- a/src/3rdparty/webkit/Source/WebKit2/Platform/CoreIPC/unix/ConnectionUnix.cpp
+++ b/src/3rdparty/webkit/Source/WebKit2/Platform/CoreIPC/unix/ConnectionUnix.cpp
@@ -217,7 +217,7 @@ void Connection::readyReadHandler()
                 attachmentCount--;
 
             for (int i = 0; i < attachmentCount; ++i) {
-                while (fcntl(fileDescriptors[i], F_SETFL, FD_CLOEXEC) == -1) {
+                while (fcntl(fileDescriptors[i], F_SETFD, FD_CLOEXEC) == -1) {
                     if (errno != EINTR) {
                         ASSERT_NOT_REACHED();
                         return;
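Review bot: the F_SETFD call on the changed line writes the descriptor flag word as exactly FD_CLOEXEC rather than OR-ing it into the current value; reading the flags first with F_GETFD and passing flags | FD_CLOEXEC would keep any other descriptor flags intact. Separately, on the non-EINTR error path the loop returns at index i, and within the visible lines fileDescriptors[i] and the remaining entries are neither flagged nor closed, so they can still be inherited across exec; closing them before the return would avoid that leak.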
-- 
1.8.1.rc0
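
Added example, not part of the original report or of the Qt/WebKit code: a small C program contrasting the F_SETFL call described in the report with an F_SETFD call that preserves existing descriptor flags. The helper names (is_cloexec, set_cloexec_buggy, set_cloexec) are hypothetical; on Linux the F_SETFL call is assumed to return 0 because access-mode bits in its argument are ignored, so the mistake goes unnoticed.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Returns 1 if close-on-exec is set on fd, 0 if not, -1 on error. */
int is_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags == -1 ? -1 : ((flags & FD_CLOEXEC) ? 1 : 0);
}

/* The call pattern from the report: FD_CLOEXEC handed to F_SETFL.
 * F_SETFL takes file status flags (O_NONBLOCK, O_APPEND, ...), so
 * this either does nothing useful or fails, depending on the system. */
int set_cloexec_buggy(int fd)
{
    int r;
    do { r = fcntl(fd, F_SETFL, FD_CLOEXEC); } while (r == -1 && errno == EINTR);
    return r;
}

/* Corrected form: F_SETFD, OR-ing into the current descriptor flags. */
int set_cloexec(int fd)
{
    int flags, r;
    do { flags = fcntl(fd, F_GETFD); } while (flags == -1 && errno == EINTR);
    if (flags == -1)
        return -1;
    do { r = fcntl(fd, F_SETFD, flags | FD_CLOEXEC); } while (r == -1 && errno == EINTR);
    return r;
}

int main(void)
{
    int p[2], r;
    if (pipe(p) == -1) { perror("pipe"); return 1; }
    r = set_cloexec_buggy(p[0]);
    printf("F_SETFL: returned %d, close-on-exec=%d\n", r, is_cloexec(p[0]));
    r = set_cloexec(p[0]);
    printf("F_SETFD: returned %d, close-on-exec=%d\n", r, is_cloexec(p[0]));
    return 0;
}
```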

