diff options
| -rw-r--r-- | bubblewrap.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/bubblewrap.c b/bubblewrap.c index 230a67d..8f7d358 100644 --- a/bubblewrap.c +++ b/bubblewrap.c @@ -1147,6 +1147,7 @@ setup_newroot (bool unshare_pid, die_with_error ("Can't write data to file %s", op->dest); close (op->fd); + op->fd = -1; } break; @@ -1164,6 +1165,7 @@ setup_newroot (bool unshare_pid, die_with_error ("Can't write data to file %s", op->dest); close (op->fd); + op->fd = -1; assert (dest != NULL); @@ -1203,6 +1205,22 @@ setup_newroot (bool unshare_pid, PRIV_SEP_OP_DONE, 0, NULL, NULL); } +/* Do not leak file descriptors already used by setup_newroot () */ +static void +close_ops_fd (void) +{ + SetupOp *op; + + for (op = ops; op != NULL; op = op->next) + { + if (op->fd != -1) + { + (void) close (op->fd); + op->fd = -1; + } + } +} + /* We need to resolve relative symlinks in the sandbox before we chroot so that absolute symlinks are handled correctly. We also need to do this after we've switched to the real uid so that @@ -2324,6 +2342,8 @@ main (int argc, setup_newroot (opt_unshare_pid, -1); } + close_ops_fd (); + /* The old root better be rprivate or we will send unmount events to the parent namespace */ if (mount ("oldroot", "oldroot", NULL, MS_REC | MS_PRIVATE, NULL) != 0) die_with_error ("Failed to make old root rprivate"); |