utils: Fix FileDescriptor duplicates potentially leaking to child processes

dup() doesn't duplicate flags such as FD_CLOEXEC.
This commit is contained in:
Vlad Zahorodnii 2023-04-24 19:20:33 +03:00
parent 8b4a0c35cc
commit 60dc812b21

View file

@ -8,6 +8,7 @@
*/
#include "filedescriptor.h"
#include <fcntl.h>
#include <unistd.h>
#include <utility>
@ -58,7 +59,7 @@ int FileDescriptor::take()
FileDescriptor FileDescriptor::duplicate() const
{
if (m_fd != -1) {
return FileDescriptor{dup(m_fd)};
return FileDescriptor{fcntl(m_fd, F_DUPFD_CLOEXEC, 0)};
} else {
return {};
}