mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
Fix a file descriptor leak in sandbox2::Executor.
PiperOrigin-RevId: 276294193 Change-Id: I9def39a41704db9948735c259e435ccfc71bacc5
This commit is contained in:
parent
8412af7e5f
commit
282f2d65e7
|
@ -60,6 +60,12 @@ Executor::Executor(int exec_fd, const std::string& path,
|
||||||
SetDefaultCwd();
|
SetDefaultCwd();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Executor::~Executor() {
|
||||||
|
if (client_comms_fd_ != -1) {
|
||||||
|
close(client_comms_fd_);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
std::vector<std::string> Executor::CopyEnviron() {
|
std::vector<std::string> Executor::CopyEnviron() {
|
||||||
std::vector<std::string> environ_copy;
|
std::vector<std::string> environ_copy;
|
||||||
util::CharPtrArrToVecString(environ, &environ_copy);
|
util::CharPtrArrToVecString(environ, &environ_copy);
|
||||||
|
|
|
@ -72,6 +72,8 @@ class Executor final {
|
||||||
/*enable_sandboxing_pre_execve=*/false,
|
/*enable_sandboxing_pre_execve=*/false,
|
||||||
/*libunwind_sbox_for_pid=*/0, fork_client) {}
|
/*libunwind_sbox_for_pid=*/0, fork_client) {}
|
||||||
|
|
||||||
|
~Executor();
|
||||||
|
|
||||||
// Creates a new process which will act as a custom ForkServer. Should be used
|
// Creates a new process which will act as a custom ForkServer. Should be used
|
||||||
// with custom fork servers only.
|
// with custom fork servers only.
|
||||||
// This function returns immediately and returns a nullptr on failure.
|
// This function returns immediately and returns a nullptr on failure.
|
||||||
|
|
Loading…
Reference in New Issue
Block a user