From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/14361 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Tavian Barnes Newsgroups: gmane.linux.lib.musl.general Subject: posix_spawn() can expose the error pipe to the spawned process Date: Mon, 8 Jul 2019 11:39:49 -0400 Message-ID: Reply-To: musl@lists.openwall.com Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="58391"; mail-complaints-to="usenet@blaine.gmane.org" To: musl@lists.openwall.com Original-X-From: musl-return-14377-gllmg-musl=m.gmane.org@lists.openwall.com Mon Jul 08 18:26:36 2019 Return-path: Envelope-to: gllmg-musl@m.gmane.org Original-Received: from mother.openwall.net ([195.42.179.200]) by blaine.gmane.org with smtp (Exim 4.89) (envelope-from ) id 1hkWTL-000F6Q-FP for gllmg-musl@m.gmane.org; Mon, 08 Jul 2019 18:26:35 +0200 Original-Received: (qmail 15595 invoked by uid 550); 8 Jul 2019 16:26:32 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Original-Received: (qmail 9606 invoked from network); 8 Jul 2019 15:40:13 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tavianator.com; s=google; h=mime-version:from:date:message-id:subject:to; bh=4AYO4tvrODn9gGtvBvmMDPJ9PLQKsn2LW6qafQibzjo=; b=hfHxOLkH2WeFlcN/TiKuIYpqdO9qBQFSYhp1rlIhFKHSvdLg8uzFszG6A2sQM3BKfl lbteFgA1ArMfU8S7CxmypA/ZCcgplfhqIge63xTcIjxjc5AoVirfOZO0kCULxjUI68TH nKSlfy8qDydYSakQw+KPyPCkLkuswBiZYYvL4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=4AYO4tvrODn9gGtvBvmMDPJ9PLQKsn2LW6qafQibzjo=; b=deSB96yWiqhkg/hFmTSwZzaczdWgsz2fhOWjl/tXmHO/C9RBsTKTQWJM8s84o2D/zC ZWXsVEQ/MtA8t/4Xss7bMxdx6F0QhgIlgHg/afpaNbL8e1OFSYxoU+XW+6tnDZXIohnE TjEkZKnQFVgO/7h1SFtJg/dPeBNzbonn6CO8Meo+tdOSYB6MvfeSBQccfZvRS0FbI+XD XkYwordBf+EjHYm4+u2OZgkT0ulTgbGMC4jvpX7VVTbIbRMi6eC0dEyEAPFew/CfMiqt TcKwFGqUy7xWnU/u9Pq6ASijSEWwcAr83leAijcyksHEqYFm3u7PmFeiDLbp5FvNkYgm el8g== X-Gm-Message-State: APjAAAVTuJkpNlFfcGrCdRLygzVV3qI5g0KBtBUCPXCYyyVydXZOGJ+b oDMgWHVFq4pqyiX+lSXM60zN7s2saD2x0865Y5wckLmdunfSvA== X-Google-Smtp-Source: APXvYqwt/l2MvAFRmL+agNEMmb2Ja6RUAG3YZ4YMvx21XgxzvBJMk+9jxIj8WGiSW0vmIlvt8CSCKIJEIWwtgxCLFzE= X-Received: by 2002:a17:90a:384d:: with SMTP id l13mr26978498pjf.86.1562600400925; Mon, 08 Jul 2019 08:40:00 -0700 (PDT) Xref: news.gmane.org gmane.linux.lib.musl.general:14361 Archived-At: posix_spawn[p]() is implemented with a pipe that sends any error codes encountered back to the parent process. It attempts to move the pipe out of the way with dup() whenever that fd is used by the file_actions as an output, but not as an input. So something like this: $ cat spawn_pipe.c #include #include #include #include #include extern char **environ; int main() { posix_spawn_file_actions_t fa; posix_spawn_file_actions_init(&fa); posix_spawn_file_actions_adddup2(&fa, 4, 1); char *argv[] = { "printf", "\\5\\0\\0\\0", NULL }; pid_t pid; int ret = posix_spawnp(&pid, "printf", &fa, NULL, argv, environ); fprintf(stderr, "posix_spawnp(): %s\n", strerror(ret)); return ret; } $ musl-gcc -Wall spawn_pipe.c -o spawn_pipe && ./spawn_pipe posix_spawnp(): I/O error ends up writing to that pipe and causing posix_spawn() to report arbitrary errors. Presumably it should fail before exec()ing with EBADF instead. -- Tavian Barnes