socsvn commit: r253487 - soc2013/dpl/head/contrib/bzip2

[dpl at FreeBSD.org]

Author: dpl
Date: Tue Jun 25 08:26:12 2013
New Revision: 253487
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=253487

Log:
  Close FILE * streams before forking and limit its fds capabilities. Getting an error with fileno().
  

Modified:
  soc2013/dpl/head/contrib/bzip2/bzip2.c

Modified: soc2013/dpl/head/contrib/bzip2/bzip2.c
==============================================================================
--- soc2013/dpl/head/contrib/bzip2/bzip2.c	Tue Jun 25 07:32:49 2013	(r253486)
+++ soc2013/dpl/head/contrib/bzip2/bzip2.c	Tue Jun 25 08:26:12 2013	(r253487)
@@ -1209,7 +1209,7 @@
    FILE  *outStr;
    Int32 n, i;
 #  if CAPSICUM
-   Int32 fd;
+   Int32 infd, outfd;
    pid_t forkpid;
 #  endif
    struct MY_STAT statBuf;
@@ -1365,43 +1365,52 @@
       pad ( inName );
       fflush ( stderr );
    }
-   printf("About to fork!\n");
 
 #  if CAPSICUM
+   fprintf(stderr,"infd: %d\n", fileno(inStr));
+   infd = fileno(inStr);
+   fprintf(stderr,"infd: %d\n", infd);
+   outfd = fileno(outStr);
+   fprintf(stderr,"outfd: %d\n", outfd);
+   /*cap_rights_limit(infd, CAP_READ);*/
+   /*cap_rights_limit(outfd, CAP_WRITE);*/
+
+   if(fclose(inStr) < 0){
+      fprintf ( stderr, "%s: Couldn't close inStr: %s.\n", 
+                          progName, strerror(errno) );
+      setExit(1);
+      exit(exitValue);
+   }
+   if(fclose(outStr) < 0){
+      fprintf ( stderr, "%s: Couldn't close outStr: %s.\n", 
+                       progName, strerror(errno) );
+      setExit(1);
+      exit(exitValue);
+   }
+
+   printf("About to fork()");
    /* Pass the limited file descriptors with a unix domain socket. */
    switch( forkpid = fork() ) {
       case ( 0 ):
+	     sleep(1);
 		 printf("Child\n");
-         if(fclose(inStr) < 0){
-		   fprintf ( stderr, "%s: Couldn't close inStr: %s.\n", 
-                             progName, strerror(errno) );
-			setExit(1);
-			exit(exitValue);
-          }
-         if(fclose(outStr) < 0){
-		   fprintf ( stderr, "%s: Couldn't close outStr: %s.\n", 
-                             progName, strerror(errno) );
-			setExit(1);
-			exit(exitValue);
-          }
-		 printf("closed fds\n");
-         if (fd == recvfd(sv[1]) <= 0){
-		   fprintf ( stderr, "%s: Couldn't get inStr(%d) fd: %s.\n", 
-                             progName, fd, strerror(errno) );
-			setExit(1);
-			exit(exitValue);
+         if ((infd = recvfd(sv[1])) <= 0){
+            fprintf ( stderr, "%s: Couldn't get fd: %s.\n", 
+                            progName, strerror(errno) );
+            setExit(1);
+            exit(exitValue);
           }
-		printf("inStr fd receiverd: %d\n",fd);
-         inStr = fdopen(fd, "rb");
+         printf("inStr fd received: %d\n",infd);
+         inStr = fdopen(infd, "rb");
 
-         if (fd == recvfd(sv[1]) <= 0){
-		   fprintf ( stderr, "%s: Couldn't get outStr(%d) fd: %s.\n", 
-                             progName, fd, strerror(errno) );
-			setExit(1);
-			exit(exitValue);
+         if ((outfd = recvfd(sv[1])) <= 0){
+            fprintf ( stderr, "%s: Couldn't get fd: %s.\n", 
+                            progName, strerror(errno) );
+            setExit(1);
+            exit(exitValue);
           }
-         outStr = fdopen(fd, "wb");
-		printf("outStr fd receiverd: %d\n",fd);
+         printf("outStr fd received: %d\n",outfd);
+         outStr = fdopen(outfd, "wb");
          
          if (cap_enter() < 0) {
 		   fprintf ( stderr, "%s: Couldn't enter capability mode: %s.\n", 
@@ -1428,6 +1437,7 @@
            }
          
            deleteOutputOnInterrupt = False;
+		   exit(0);
 
 #  if CAPSICUM
            break;
@@ -1438,17 +1448,10 @@
          exit(exitValue);
 
 	  default:
-		 printf("Parent.\n");
-		 printf("Waiting for son.\n");
-	     fd = fileno(inStr);
-		 cap_rights_limit(fd, CAP_READ);
-		 sendfd(sv[0], fd);
-		 printf("Sending inStr fd: %d\n", fd);
-	     fd = fileno(outStr);
-		 cap_rights_limit(fd, CAP_WRITE);
-		 sendfd(sv[0], fd);
-		 printf("Sending outStr fd: %d\n", fd);
-         wait(NULL);
+		 sendfd(sv[0], infd);
+		 sendfd(sv[0], outfd);
+		 printf("Waiting\n");
+         wait(0);
          return;
    }
 #  endif