You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@apr.apache.org by bu...@apache.org on 2023/03/07 20:27:42 UTC

[Bug 66516] New: apr_proc_create UB/IDB

https://bz.apache.org/bugzilla/show_bug.cgi?id=66516

            Bug ID: 66516
           Summary: apr_proc_create UB/IDB
           Product: APR
           Version: HEAD
          Hardware: All
                OS: other
            Status: NEW
          Severity: normal
          Priority: P2
         Component: APR
          Assignee: bugs@apr.apache.org
          Reporter: crrodriguez@opensuse.org
  Target Milestone: ---

apr_proc_create closes  STDIN_FILENO, STDOUT_FILENO, STDERR_FILENO and does not
follow with an operation to reopen them, this leads to UB/IDB. 

Quote from POSIX.

"Usage of close() on file descriptors STDIN_FILENO, STDOUT_FILENO, or
STDERR_FILENO should immediately be followed by an operation to reopen these
file descriptors. Unexpected behavior will result if any of these file
descriptors is left in a closed state (for example, an [EBADF] error from
perror()) or if an unrelated open() or similar call later in the application
accidentally allocates a file to one of these well-known file descriptors.
Furthermore, a close() followed by a reopen operation (e.g., open(), dup(),
etc.) is not atomic; dup2() should be used to change standard file
descriptors."

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org