about summary refs log tree commit diff
path: root/src/libutil
diff options
context:
space:
mode:
Diffstat (limited to 'src/libutil')
-rw-r--r--src/libutil/archive.cc4
-rw-r--r--src/libutil/hash.cc2
-rw-r--r--src/libutil/util.cc12
3 files changed, 11 insertions, 7 deletions
diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc
index 5363496c272e..c3e4c87a5599 100644
--- a/src/libutil/archive.cc
+++ b/src/libutil/archive.cc
@@ -41,7 +41,7 @@ static void dumpContents(const Path & path, size_t size,
 {
     sink << "contents" << size;
 
-    AutoCloseFD fd = open(path.c_str(), O_RDONLY);
+    AutoCloseFD fd = open(path.c_str(), O_RDONLY | O_CLOEXEC);
     if (fd == -1) throw SysError(format("opening file ‘%1%’") % path);
 
     unsigned char buf[65536];
@@ -304,7 +304,7 @@ struct RestoreSink : ParseSink
     {
         Path p = dstPath + path;
         fd.close();
-        fd = open(p.c_str(), O_CREAT | O_EXCL | O_WRONLY, 0666);
+        fd = open(p.c_str(), O_CREAT | O_EXCL | O_WRONLY | O_CLOEXEC, 0666);
         if (fd == -1) throw SysError(format("creating file ‘%1%’") % p);
     }
 
diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc
index c17f1c4d5150..69ea95852c3f 100644
--- a/src/libutil/hash.cc
+++ b/src/libutil/hash.cc
@@ -254,7 +254,7 @@ Hash hashFile(HashType ht, const Path & path)
     Hash hash(ht);
     start(ht, ctx);
 
-    AutoCloseFD fd = open(path.c_str(), O_RDONLY);
+    AutoCloseFD fd = open(path.c_str(), O_RDONLY | O_CLOEXEC);
     if (fd == -1) throw SysError(format("opening file ‘%1%’") % path);
 
     unsigned char buf[8192];
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index 788d01f59a18..4cc4649c98d0 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -273,7 +273,7 @@ string readFile(int fd)
 
 string readFile(const Path & path, bool drain)
 {
-    AutoCloseFD fd = open(path.c_str(), O_RDONLY);
+    AutoCloseFD fd = open(path.c_str(), O_RDONLY | O_CLOEXEC);
     if (fd == -1)
         throw SysError(format("opening file ‘%1%’") % path);
     return drain ? drainFD(fd) : readFile(fd);
@@ -282,7 +282,7 @@ string readFile(const Path & path, bool drain)
 
 void writeFile(const Path & path, const string & s)
 {
-    AutoCloseFD fd = open(path.c_str(), O_WRONLY | O_TRUNC | O_CREAT, 0666);
+    AutoCloseFD fd = open(path.c_str(), O_WRONLY | O_TRUNC | O_CREAT | O_CLOEXEC, 0666);
     if (fd == -1)
         throw SysError(format("opening file ‘%1%’") % path);
     writeFull(fd, s);
@@ -633,11 +633,15 @@ int AutoCloseFD::borrow()
 void Pipe::create()
 {
     int fds[2];
+#if HAVE_PIPE2
+    if (pipe2(fds, O_CLOEXEC) != 0) throw SysError("creating pipe");
+#else
     if (pipe(fds) != 0) throw SysError("creating pipe");
+    closeOnExec(fds[0]);
+    closeOnExec(fds[1]);
+#endif
     readSide = fds[0];
     writeSide = fds[1];
-    closeOnExec(readSide);
-    closeOnExec(writeSide);
 }