Fix a file descriptor leak in sandbox2::Executor.

PiperOrigin-RevId: 276294193
Change-Id: I9def39a41704db9948735c259e435ccfc71bacc5
This commit is contained in:
Sandboxed API Team 2019-10-23 09:51:44 -07:00 committed by Copybara-Service
parent 8412af7e5f
commit 282f2d65e7
2 changed files with 8 additions and 0 deletions

View File

@ -60,6 +60,12 @@ Executor::Executor(int exec_fd, const std::string& path,
SetDefaultCwd(); SetDefaultCwd();
} }
Executor::~Executor() {
if (client_comms_fd_ != -1) {
close(client_comms_fd_);
}
}
std::vector<std::string> Executor::CopyEnviron() { std::vector<std::string> Executor::CopyEnviron() {
std::vector<std::string> environ_copy; std::vector<std::string> environ_copy;
util::CharPtrArrToVecString(environ, &environ_copy); util::CharPtrArrToVecString(environ, &environ_copy);

View File

@ -72,6 +72,8 @@ class Executor final {
/*enable_sandboxing_pre_execve=*/false, /*enable_sandboxing_pre_execve=*/false,
/*libunwind_sbox_for_pid=*/0, fork_client) {} /*libunwind_sbox_for_pid=*/0, fork_client) {}
~Executor();
// Creates a new process which will act as a custom ForkServer. Should be used // Creates a new process which will act as a custom ForkServer. Should be used
// with custom fork servers only. // with custom fork servers only.
// This function returns immediately and returns a nullptr on failure. // This function returns immediately and returns a nullptr on failure.