replaced exit with _exit in forked child

author: netblue30 <netblue30@yahoo.com> 2016-10-19 14:30:30 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-10-19 14:30:30 -0400
commit: eddb9419463e266c79d422ce5c4bbc91e579fbcd (patch)
tree: b20448bfb1cdfc331a93d49bb4728da290860424
parent: replaced exit with _exit in forked child (diff)
download: firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.tar.gz
firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.tar.zst
firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.zip
9 files changed, 29 insertions, 20 deletions
diff --git a/src/faudit/syscall.c b/src/faudit/syscall.c
index 9924be00f..3c87305df 100644
--- a/src/faudit/syscall.c
+++ b/src/faudit/syscall.c
@@ -92,7 +92,8 @@ void syscall_run(const char *name) {
                errExit("fork");
        if (child == 0) {
                execl(prog, prog, "syscall", name, NULL);
-                exit(1);
+                perror("execl");
+                _exit(1);
        }
                
        // wait for the child to finish
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c
index e65474f44..ba0633649 100644
--- a/src/firejail/fs_bin.c
+++ b/src/firejail/fs_bin.c
@@ -192,6 +192,8 @@ static void duplicate(char *fname) {
                                if (asprintf(&f, "%s/%s", RUN_BIN_DIR, fname) == -1)
                                        errExit("asprintf");
                                execlp(RUN_CP_COMMAND, RUN_CP_COMMAND, "-a", actual_path, f, NULL);
+                                perror("execlp");
+                                _exit(1);
                        }
                        // wait for the child to finish
                        waitpid(child, NULL, 0);
@@ -245,7 +247,7 @@ void fs_private_bin_list(void) {
                        duplicate(ptr);
                free(dlist);    
                fs_logger_print();
-                exit(0);
+                _exit(0);
        }
        // wait for the child to finish
        waitpid(child, NULL, 0);
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index fc9e40ca0..de29c312e 100644
--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -106,6 +106,8 @@ static void duplicate(char *fname) {
                if (asprintf(&f, "/etc/%s", fname) == -1)
                        errExit("asprintf");
                execlp(RUN_CP_COMMAND, RUN_CP_COMMAND, "-a", "--parents", f, RUN_MNT_DIR, NULL);
+                perror("execlp");
+                _exit(1);
        }
        // wait for the child to finish
        waitpid(child, NULL, 0);
@@ -169,7 +171,7 @@ void fs_private_etc_list(void) {
                                duplicate(ptr);
                        free(dlist);    
                        fs_logger_print();
-                        exit(0);
+                        _exit(0);
                }
                // wait for the child to finish
                waitpid(child, NULL, 0);
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index bd3c404e9..75cc3e732 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -641,7 +641,7 @@ void fs_private_home_list(void) {
                fs_logger_print();      // save the current log
                free(dlist);
-                exit(0);
+                _exit(0);
        }
        // wait for the child to finish
        waitpid(child, NULL, 0);
diff --git a/src/firejail/ls.c b/src/firejail/ls.c
index 39efaa0a6..dba82be0b 100644
--- a/src/firejail/ls.c
+++ b/src/firejail/ls.c
@@ -358,7 +358,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
                                fprintf(stderr, "Error: Cannot read %s\n", fname1);
                                exit(1);
                        }
-                        exit(0);
+                        _exit(0);
                }
                // wait for the child to finish
@@ -391,7 +391,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
                                        exit(1);
                                }
                                fclose(fp);
-                                exit(0);
+                                _exit(0);
                        }
                        // wait for the child to finish
@@ -445,7 +445,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
                                fprintf(stderr, "Error: Cannot read %s\n", src_fname);
                                exit(1);
                        }
-                        exit(0);
+                        _exit(0);
                }
                // wait for the child to finish
@@ -494,7 +494,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) {
                                }
                        }
-                        exit(0);
+                        _exit(0);
                }
                // wait for the child to finish
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 987a79d1c..0872a11bb 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -2506,7 +2506,7 @@ int main(int argc, char **argv) {
                        network_main(child);
                        if (arg_debug)
                                printf("Host network configured\n");                    
-                        exit(0);                        
+                        _exit(0);                       
                }
                // wait for the child to finish
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c
index b50d61039..c1f9a2c37 100644
--- a/src/firejail/netfilter.c
+++ b/src/firejail/netfilter.c
@@ -145,7 +145,8 @@ void netfilter(const char *fname) {
                // wipe out environment variables
                environ = NULL;
                execl(iptables_restore, iptables_restore, NULL);
-                // it will never get here!!!
+                perror("execl");
+                _exit(1);
        }
        // wait for the child to finish
        waitpid(child, NULL, 0);
@@ -163,7 +164,8 @@ void netfilter(const char *fname) {
                                errExit("setregid");
                        environ = NULL;
                        execl(iptables, iptables, "-vL", NULL);
-                        // it will never get here!!!
+                        perror("execl");
+                        _exit(1);
                }
                // wait for the child to finish
                waitpid(child, NULL, 0);
@@ -256,7 +258,8 @@ void netfilter6(const char *fname) {
                // wipe out environment variables
                environ = NULL;
                execl(ip6tables_restore, ip6tables_restore, NULL);
-                // it will never get here!!!
+                perror("execl");
+                _exit(1);
        }
        // wait for the child to finish
        waitpid(child, NULL, 0);
@@ -269,7 +272,8 @@ void netfilter6(const char *fname) {
                if (child == 0) {
                        environ = NULL;
                        execl(ip6tables, ip6tables, "-vL", NULL);
-                        // it will never get here!!!
+                        perror("execl");
+                        _exit(1);
                }
                // wait for the child to finish
                waitpid(child, NULL, 0);
diff --git a/src/firejail/x11.c b/src/firejail/x11.c
index d40d349e1..c79f1a74e 100644
--- a/src/firejail/x11.c
+++ b/src/firejail/x11.c
@@ -314,7 +314,7 @@ void x11_start_xephyr(int argc, char **argv) {
        
                execvp(server_argv[0], server_argv);
                perror("execvp");
-                exit(1);
+                _exit(1);
        }
        if (arg_debug)
@@ -355,7 +355,7 @@ void x11_start_xephyr(int argc, char **argv) {
                execvp(jail_argv[0], jail_argv);
                perror("execvp");
-                exit(1);
+                _exit(1);
        }
        // cleanup
@@ -434,7 +434,7 @@ void x11_start_xpra(int argc, char **argv) {
        
                execvp(server_argv[0], server_argv);
                perror("execvp");
-                exit(1);
+                _exit(1);
        }
        // check X11 socket
@@ -480,7 +480,7 @@ void x11_start_xpra(int argc, char **argv) {
                execvp(attach_argv[0], attach_argv);
                perror("execvp");
-                exit(1);
+                _exit(1);
        }
        setenv("DISPLAY", display_str, 1);
@@ -536,7 +536,7 @@ void x11_start_xpra(int argc, char **argv) {
                                }
                                execvp(stop_argv[0], stop_argv);
                                perror("execvp");
-                                exit(1);
+                                _exit(1);
                        }
                        // wait for xpra server to stop, 10 seconds limit
@@ -672,7 +672,7 @@ void x11_xorg(void) {
                execlp("/usr/bin/xauth", "/usr/bin/xauth", "-f", RUN_XAUTHORITY_SEC_FILE,
                        "generate", display, "MIT-MAGIC-COOKIE-1", "untrusted", NULL); 
                
-                exit(0);
+                _exit(0);
        }
        // wait for the child to finish
        waitpid(child, NULL, 0);
diff --git a/src/firemon/interface.c b/src/firemon/interface.c
index 5a89e1491..bceed93d3 100644
--- a/src/firemon/interface.c
+++ b/src/firemon/interface.c
@@ -146,7 +146,7 @@ static void print_sandbox(pid_t pid) {
                        return;
                net_ifprint();
                printf("\n");
-                exit(0);
+                _exit(0);
        }
        
        // wait for the child to finish
author	netblue30 <netblue30@yahoo.com>	2016-10-19 14:30:30 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-10-19 14:30:30 -0400
commit	eddb9419463e266c79d422ce5c4bbc91e579fbcd (patch)
tree	b20448bfb1cdfc331a93d49bb4728da290860424
parent	replaced exit with _exit in forked child (diff)
download	firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.tar.gz firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.tar.zst firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.zip