Convert ifstream usage into fopen() to prevent fd leaks into child processes
std::ifstream does not use O_CLOEXEC flag when opening files. This leads
to file descriptors being inherited by child processes. In the case of vold
this results in leaking FDs to less privileged children with no permission
for these files which occasionally leads to SELinux denials.
Bug: 129298168
Change-Id: Id2731782a25d65c9a7cbf25dc441f3e7a17609c1
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
diff --git a/Process.cpp b/Process.cpp
index a5028f2..3d8e3d7 100644
--- a/Process.cpp
+++ b/Process.cpp
@@ -46,18 +46,27 @@
static bool checkMaps(const std::string& path, const std::string& prefix) {
bool found = false;
- std::ifstream infile(path);
- std::string line;
- while (std::getline(infile, line)) {
+ auto file = std::unique_ptr<FILE, decltype(&fclose)>{fopen(path.c_str(), "re"), fclose};
+ if (!file) {
+ return false;
+ }
+
+ char* buf = nullptr;
+ size_t len = 0;
+ while (getline(&buf, &len, file.get()) != -1) {
+ std::string line(buf);
std::string::size_type pos = line.find('/');
if (pos != std::string::npos) {
line = line.substr(pos);
if (android::base::StartsWith(line, prefix)) {
LOG(WARNING) << "Found map " << path << " referencing " << line;
found = true;
+ break;
}
}
}
+ free(buf);
+
return found;
}
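Review bot: POSIX `getline()` keeps the trailing newline in `buf`, unlike the `std::getline` call it replaces, so `line` in the `LOG(WARNING)` statement now ends in `\n` and the logged path is no longer exactly what the old code printed. Stripping it right after the copy restores that: `if (!line.empty() && line.back() == '\n') line.pop_back();`. The new `break` also changes behaviour beyond the FD fix described in the commit message: only the first matching mapping per maps file is logged, which deserves a short comment such as `// one match is enough to flag this process`. When `fopen()` fails, the early `return false` is silent, so a maps file that could not be read looks the same to the caller as one with no match; a `PLOG(DEBUG)` there would make that case visible, assuming the file already uses the android-base logging macros as the `LOG(WARNING)` line suggests.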