setlinebuf \
setvbuf \
getusershell \
- initgroups
+ initgroups \
+ closefrom
)
RADIUSD_NEED_DECLARATIONS( \
crypt \
int rad_unlockfd(int fd, int lock_len);
void lrad_bin2hex(const uint8_t *bin, char *hex, int len);
int lrad_hex2bin(const char *hex, uint8_t *bin, int len);
+#ifndef HAVE_CLOSEFROM
+int closefrom(int fd);
+#endif
#ifdef ASCEND_BINARY
/* filters.c */
return;
}
+/*
+ * So we don't have ifdef's in the rest of the code
+ */
+#ifndef HAVE_CLOSEFROM
+int closefrom(int fd)
+{
+ int i;
+ int maxfd = 256;
+
+#ifdef _SC_OPEN_MAX
+ maxfd = sysconf(_SC_OPEN_MAX);
+ if (maxfd < 0) {
+ maxfd = 256;
+ }
+#endif
+
+ if (fd > maxfd) return 0;
+
+ /*
+ * FIXME: return EINTR?
+ *
+ * Use F_CLOSEM?
+ */
+ for (i = fd; i < maxfd; i++) {
+ close(i);
+ }
+
+ return 0;
+}
+#endif
#include <string.h>
#include <fcntl.h>
#include <ctype.h>
+#include <unistd.h>
#include <signal.h>
#ifdef HAVE_SYS_WAIT_H
if ((pid = rad_fork(exec_wait)) == 0) {
#define MAX_ENVP 1024
- int i, devnull;
+ int devnull;
char *envp[MAX_ENVP];
int envlen;
char buffer[1024];
* want to leave dangling FD's for the child process
* to play funky games with, so we close them.
*/
- for (i = 3; i < 256; i++) {
- close(i);
- }
+ closefrom(3);
/*
* Set up the environment variables.
vp_prints_value(buffer+n, sizeof(buffer) - n, vp, 1);
envp[envlen++] = strdup(buffer);
+
+ /*
+ * Don't add too many attributes.
+ */
+ if (envlen == (MAX_ENVP - 1)) break;
}
envp[envlen] = NULL;
execve(argv[0], argv, envp);
int status;
int n;
char address[16];
- char port[8];
+ char port[11];
RADCLIENT *cl;
/*
return WEXITSTATUS(status);
}
- /*
- * Child - exec checklogin with the right parameters.
- */
- for (n = 256; n >= 3; n--)
- close(n);
+ closefrom(3);
/*
* We don't close fd's 0, 1, and 2. If we're in debugging mode,
*/
ip_ntoa(address, nasaddr);
- sprintf(port, "%u", portnum);
+ snprintf(port, 11, "%u", portnum);
#ifdef __EMX__
/* OS/2 can't directly execute scripts then we call the command
projects / freeradius.git / commitdiff