https://bugs.kde.org/show_bug.cgi?id=439090
Mark Wielaard <m...@klomp.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|CONFIRMED |RESOLVED
--- Comment #8 from Mark Wielaard <m...@klomp.org> ---
commit a21e890f82258c17ee47895fa28bb62937eb1af9
Author: Lubomir Rintel <lkund...@v3.sk>
Date: Mon Oct 4 15:40:29 2021 +0200
Add close_range(2) support
This is a system call introduced in Linux 5.9.
It's typically used to bulk-close file descriptors that a process inherited
without having desired so and doesn't want to pass them to its offspring
for security reasons. For this reason the sensible upper limit value tends
to be unknown and the users prefer to stay on the safe side by setting it
high.
This is a bit peculiar because, if unfiltered, the syscall could end up
closing descriptors Valgrind uses for its purposes, ending in no end of
mayhem and suffering.
This patch adjusts the upper bounds to a safe value and then skips over
the descriptor Valgrind uses by potentially calling the real system call
with sub-ranges that are safe to close.
The call can fail on negative ranges and bad flags -- we're dealing with
the first condition ourselves while letting the real call fail on bad
flags.
https://bugs.kde.org/show_bug.cgi?id=439090
--
You are receiving this mail because:
You are watching all bug changes.
