diff options
author | netblue30 <netblue30@yahoo.com> | 2016-10-19 14:30:30 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-10-19 14:30:30 -0400 |
commit | eddb9419463e266c79d422ce5c4bbc91e579fbcd (patch) | |
tree | b20448bfb1cdfc331a93d49bb4728da290860424 | |
parent | replaced exit with _exit in forked child (diff) | |
download | firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.tar.gz firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.tar.zst firejail-eddb9419463e266c79d422ce5c4bbc91e579fbcd.zip |
replaced exit with _exit in forked child
-rw-r--r-- | src/faudit/syscall.c | 3 | ||||
-rw-r--r-- | src/firejail/fs_bin.c | 4 | ||||
-rw-r--r-- | src/firejail/fs_etc.c | 4 | ||||
-rw-r--r-- | src/firejail/fs_home.c | 2 | ||||
-rw-r--r-- | src/firejail/ls.c | 8 | ||||
-rw-r--r-- | src/firejail/main.c | 2 | ||||
-rw-r--r-- | src/firejail/netfilter.c | 12 | ||||
-rw-r--r-- | src/firejail/x11.c | 12 | ||||
-rw-r--r-- | src/firemon/interface.c | 2 |
9 files changed, 29 insertions, 20 deletions
diff --git a/src/faudit/syscall.c b/src/faudit/syscall.c index 9924be00f..3c87305df 100644 --- a/src/faudit/syscall.c +++ b/src/faudit/syscall.c | |||
@@ -92,7 +92,8 @@ void syscall_run(const char *name) { | |||
92 | errExit("fork"); | 92 | errExit("fork"); |
93 | if (child == 0) { | 93 | if (child == 0) { |
94 | execl(prog, prog, "syscall", name, NULL); | 94 | execl(prog, prog, "syscall", name, NULL); |
95 | exit(1); | 95 | perror("execl"); |
96 | _exit(1); | ||
96 | } | 97 | } |
97 | 98 | ||
98 | // wait for the child to finish | 99 | // wait for the child to finish |
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c index e65474f44..ba0633649 100644 --- a/src/firejail/fs_bin.c +++ b/src/firejail/fs_bin.c | |||
@@ -192,6 +192,8 @@ static void duplicate(char *fname) { | |||
192 | if (asprintf(&f, "%s/%s", RUN_BIN_DIR, fname) == -1) | 192 | if (asprintf(&f, "%s/%s", RUN_BIN_DIR, fname) == -1) |
193 | errExit("asprintf"); | 193 | errExit("asprintf"); |
194 | execlp(RUN_CP_COMMAND, RUN_CP_COMMAND, "-a", actual_path, f, NULL); | 194 | execlp(RUN_CP_COMMAND, RUN_CP_COMMAND, "-a", actual_path, f, NULL); |
195 | perror("execlp"); | ||
196 | _exit(1); | ||
195 | } | 197 | } |
196 | // wait for the child to finish | 198 | // wait for the child to finish |
197 | waitpid(child, NULL, 0); | 199 | waitpid(child, NULL, 0); |
@@ -245,7 +247,7 @@ void fs_private_bin_list(void) { | |||
245 | duplicate(ptr); | 247 | duplicate(ptr); |
246 | free(dlist); | 248 | free(dlist); |
247 | fs_logger_print(); | 249 | fs_logger_print(); |
248 | exit(0); | 250 | _exit(0); |
249 | } | 251 | } |
250 | // wait for the child to finish | 252 | // wait for the child to finish |
251 | waitpid(child, NULL, 0); | 253 | waitpid(child, NULL, 0); |
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index fc9e40ca0..de29c312e 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
@@ -106,6 +106,8 @@ static void duplicate(char *fname) { | |||
106 | if (asprintf(&f, "/etc/%s", fname) == -1) | 106 | if (asprintf(&f, "/etc/%s", fname) == -1) |
107 | errExit("asprintf"); | 107 | errExit("asprintf"); |
108 | execlp(RUN_CP_COMMAND, RUN_CP_COMMAND, "-a", "--parents", f, RUN_MNT_DIR, NULL); | 108 | execlp(RUN_CP_COMMAND, RUN_CP_COMMAND, "-a", "--parents", f, RUN_MNT_DIR, NULL); |
109 | perror("execlp"); | ||
110 | _exit(1); | ||
109 | } | 111 | } |
110 | // wait for the child to finish | 112 | // wait for the child to finish |
111 | waitpid(child, NULL, 0); | 113 | waitpid(child, NULL, 0); |
@@ -169,7 +171,7 @@ void fs_private_etc_list(void) { | |||
169 | duplicate(ptr); | 171 | duplicate(ptr); |
170 | free(dlist); | 172 | free(dlist); |
171 | fs_logger_print(); | 173 | fs_logger_print(); |
172 | exit(0); | 174 | _exit(0); |
173 | } | 175 | } |
174 | // wait for the child to finish | 176 | // wait for the child to finish |
175 | waitpid(child, NULL, 0); | 177 | waitpid(child, NULL, 0); |
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index bd3c404e9..75cc3e732 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -641,7 +641,7 @@ void fs_private_home_list(void) { | |||
641 | 641 | ||
642 | fs_logger_print(); // save the current log | 642 | fs_logger_print(); // save the current log |
643 | free(dlist); | 643 | free(dlist); |
644 | exit(0); | 644 | _exit(0); |
645 | } | 645 | } |
646 | // wait for the child to finish | 646 | // wait for the child to finish |
647 | waitpid(child, NULL, 0); | 647 | waitpid(child, NULL, 0); |
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 39efaa0a6..dba82be0b 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
@@ -358,7 +358,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
358 | fprintf(stderr, "Error: Cannot read %s\n", fname1); | 358 | fprintf(stderr, "Error: Cannot read %s\n", fname1); |
359 | exit(1); | 359 | exit(1); |
360 | } | 360 | } |
361 | exit(0); | 361 | _exit(0); |
362 | } | 362 | } |
363 | 363 | ||
364 | // wait for the child to finish | 364 | // wait for the child to finish |
@@ -391,7 +391,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
391 | exit(1); | 391 | exit(1); |
392 | } | 392 | } |
393 | fclose(fp); | 393 | fclose(fp); |
394 | exit(0); | 394 | _exit(0); |
395 | } | 395 | } |
396 | 396 | ||
397 | // wait for the child to finish | 397 | // wait for the child to finish |
@@ -445,7 +445,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
445 | fprintf(stderr, "Error: Cannot read %s\n", src_fname); | 445 | fprintf(stderr, "Error: Cannot read %s\n", src_fname); |
446 | exit(1); | 446 | exit(1); |
447 | } | 447 | } |
448 | exit(0); | 448 | _exit(0); |
449 | } | 449 | } |
450 | 450 | ||
451 | // wait for the child to finish | 451 | // wait for the child to finish |
@@ -494,7 +494,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
494 | } | 494 | } |
495 | } | 495 | } |
496 | 496 | ||
497 | exit(0); | 497 | _exit(0); |
498 | } | 498 | } |
499 | 499 | ||
500 | // wait for the child to finish | 500 | // wait for the child to finish |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 987a79d1c..0872a11bb 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -2506,7 +2506,7 @@ int main(int argc, char **argv) { | |||
2506 | network_main(child); | 2506 | network_main(child); |
2507 | if (arg_debug) | 2507 | if (arg_debug) |
2508 | printf("Host network configured\n"); | 2508 | printf("Host network configured\n"); |
2509 | exit(0); | 2509 | _exit(0); |
2510 | } | 2510 | } |
2511 | 2511 | ||
2512 | // wait for the child to finish | 2512 | // wait for the child to finish |
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c index b50d61039..c1f9a2c37 100644 --- a/src/firejail/netfilter.c +++ b/src/firejail/netfilter.c | |||
@@ -145,7 +145,8 @@ void netfilter(const char *fname) { | |||
145 | // wipe out environment variables | 145 | // wipe out environment variables |
146 | environ = NULL; | 146 | environ = NULL; |
147 | execl(iptables_restore, iptables_restore, NULL); | 147 | execl(iptables_restore, iptables_restore, NULL); |
148 | // it will never get here!!! | 148 | perror("execl"); |
149 | _exit(1); | ||
149 | } | 150 | } |
150 | // wait for the child to finish | 151 | // wait for the child to finish |
151 | waitpid(child, NULL, 0); | 152 | waitpid(child, NULL, 0); |
@@ -163,7 +164,8 @@ void netfilter(const char *fname) { | |||
163 | errExit("setregid"); | 164 | errExit("setregid"); |
164 | environ = NULL; | 165 | environ = NULL; |
165 | execl(iptables, iptables, "-vL", NULL); | 166 | execl(iptables, iptables, "-vL", NULL); |
166 | // it will never get here!!! | 167 | perror("execl"); |
168 | _exit(1); | ||
167 | } | 169 | } |
168 | // wait for the child to finish | 170 | // wait for the child to finish |
169 | waitpid(child, NULL, 0); | 171 | waitpid(child, NULL, 0); |
@@ -256,7 +258,8 @@ void netfilter6(const char *fname) { | |||
256 | // wipe out environment variables | 258 | // wipe out environment variables |
257 | environ = NULL; | 259 | environ = NULL; |
258 | execl(ip6tables_restore, ip6tables_restore, NULL); | 260 | execl(ip6tables_restore, ip6tables_restore, NULL); |
259 | // it will never get here!!! | 261 | perror("execl"); |
262 | _exit(1); | ||
260 | } | 263 | } |
261 | // wait for the child to finish | 264 | // wait for the child to finish |
262 | waitpid(child, NULL, 0); | 265 | waitpid(child, NULL, 0); |
@@ -269,7 +272,8 @@ void netfilter6(const char *fname) { | |||
269 | if (child == 0) { | 272 | if (child == 0) { |
270 | environ = NULL; | 273 | environ = NULL; |
271 | execl(ip6tables, ip6tables, "-vL", NULL); | 274 | execl(ip6tables, ip6tables, "-vL", NULL); |
272 | // it will never get here!!! | 275 | perror("execl"); |
276 | _exit(1); | ||
273 | } | 277 | } |
274 | // wait for the child to finish | 278 | // wait for the child to finish |
275 | waitpid(child, NULL, 0); | 279 | waitpid(child, NULL, 0); |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index d40d349e1..c79f1a74e 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -314,7 +314,7 @@ void x11_start_xephyr(int argc, char **argv) { | |||
314 | 314 | ||
315 | execvp(server_argv[0], server_argv); | 315 | execvp(server_argv[0], server_argv); |
316 | perror("execvp"); | 316 | perror("execvp"); |
317 | exit(1); | 317 | _exit(1); |
318 | } | 318 | } |
319 | 319 | ||
320 | if (arg_debug) | 320 | if (arg_debug) |
@@ -355,7 +355,7 @@ void x11_start_xephyr(int argc, char **argv) { | |||
355 | 355 | ||
356 | execvp(jail_argv[0], jail_argv); | 356 | execvp(jail_argv[0], jail_argv); |
357 | perror("execvp"); | 357 | perror("execvp"); |
358 | exit(1); | 358 | _exit(1); |
359 | } | 359 | } |
360 | 360 | ||
361 | // cleanup | 361 | // cleanup |
@@ -434,7 +434,7 @@ void x11_start_xpra(int argc, char **argv) { | |||
434 | 434 | ||
435 | execvp(server_argv[0], server_argv); | 435 | execvp(server_argv[0], server_argv); |
436 | perror("execvp"); | 436 | perror("execvp"); |
437 | exit(1); | 437 | _exit(1); |
438 | } | 438 | } |
439 | 439 | ||
440 | // check X11 socket | 440 | // check X11 socket |
@@ -480,7 +480,7 @@ void x11_start_xpra(int argc, char **argv) { | |||
480 | 480 | ||
481 | execvp(attach_argv[0], attach_argv); | 481 | execvp(attach_argv[0], attach_argv); |
482 | perror("execvp"); | 482 | perror("execvp"); |
483 | exit(1); | 483 | _exit(1); |
484 | } | 484 | } |
485 | 485 | ||
486 | setenv("DISPLAY", display_str, 1); | 486 | setenv("DISPLAY", display_str, 1); |
@@ -536,7 +536,7 @@ void x11_start_xpra(int argc, char **argv) { | |||
536 | } | 536 | } |
537 | execvp(stop_argv[0], stop_argv); | 537 | execvp(stop_argv[0], stop_argv); |
538 | perror("execvp"); | 538 | perror("execvp"); |
539 | exit(1); | 539 | _exit(1); |
540 | } | 540 | } |
541 | 541 | ||
542 | // wait for xpra server to stop, 10 seconds limit | 542 | // wait for xpra server to stop, 10 seconds limit |
@@ -672,7 +672,7 @@ void x11_xorg(void) { | |||
672 | execlp("/usr/bin/xauth", "/usr/bin/xauth", "-f", RUN_XAUTHORITY_SEC_FILE, | 672 | execlp("/usr/bin/xauth", "/usr/bin/xauth", "-f", RUN_XAUTHORITY_SEC_FILE, |
673 | "generate", display, "MIT-MAGIC-COOKIE-1", "untrusted", NULL); | 673 | "generate", display, "MIT-MAGIC-COOKIE-1", "untrusted", NULL); |
674 | 674 | ||
675 | exit(0); | 675 | _exit(0); |
676 | } | 676 | } |
677 | // wait for the child to finish | 677 | // wait for the child to finish |
678 | waitpid(child, NULL, 0); | 678 | waitpid(child, NULL, 0); |
diff --git a/src/firemon/interface.c b/src/firemon/interface.c index 5a89e1491..bceed93d3 100644 --- a/src/firemon/interface.c +++ b/src/firemon/interface.c | |||
@@ -146,7 +146,7 @@ static void print_sandbox(pid_t pid) { | |||
146 | return; | 146 | return; |
147 | net_ifprint(); | 147 | net_ifprint(); |
148 | printf("\n"); | 148 | printf("\n"); |
149 | exit(0); | 149 | _exit(0); |
150 | } | 150 | } |
151 | 151 | ||
152 | // wait for the child to finish | 152 | // wait for the child to finish |