Do cloexec on socketpairs and stdio files

src/common/compat.c

@@ -118,6 +118,18 @@ tor_open_cloexec(const char *path, int flags, unsigned mode)
 #endif
 }
 
+/** DOCDOC */
+FILE *
+tor_fopen_cloexec(const char *path, const char *mode)
+{
+  FILE *result = fopen(path, mode);
+#ifdef FD_CLOEXEC
+  if (result != NULL)
+    fcntl(fileno(result), F_SETFD, FD_CLOEXEC);
+#endif
+  return result;
+}
+
 #ifdef HAVE_SYS_MMAN_H
 /** Try to create a memory mapping for <b>filename</b> and return it.  On
  * failure, return NULL.  Sets errno properly, using ERANGE to mean
@@ -1008,8 +1020,17 @@ tor_socketpair(int family, int type, int protocol, int fd[2])
 //don't use win32 socketpairs (they are always bad)
 #if defined(HAVE_SOCKETPAIR) && !defined(MS_WINDOWS)
   int r;
+#ifdef SOCK_CLOEXEC
+  type |= SOCK_CLOEXEC;
+#endif
   r = socketpair(family, type, protocol, fd);
   if (r == 0) {
+#ifndef SOCK_CLOEXEC
+    if (fd[0] >= 0)
+      fcntl(fd[0], F_SETFD, FD_CLOEXEC);
+    if (fd[1] >= 0)
+      fcntl(fd[1], F_SETFD, FD_CLOEXEC);
+#endif
     socket_accounting_lock();
     if (fd[0] >= 0) {
       ++n_sockets_open;

src/common/compat.h

@@ -51,6 +51,8 @@
 #include <netinet6/in6.h>
 #endif
 
+#include <stdio.h>
+
 #if defined (WINCE)
 #include <fcntl.h>
 #include <io.h>
@@ -340,8 +342,8 @@ struct tm *tor_gmtime_r(const time_t *timep, struct tm *result);
    ((tvp)->tv_sec cmp  (uvp)->tv_sec))
 
 /* ===== File compatibility */
-
 int tor_open_cloexec(const char *path, int flags, unsigned mode);
+FILE *tor_fopen_cloexec(const char *path, const char *mode);
 
 int replace_file(const char *from, const char *to);
 int touch_file(const char *fname);

src/or/dirserv.c

@@ -2445,7 +2445,7 @@ dirserv_read_measured_bandwidths(const char *from_file,
                                  smartlist_t *routerstatuses)
 {
   char line[256];
-  FILE *fp = fopen(from_file, "r");
+  FILE *fp = tor_fopen_cloexec(from_file, "r");
   int applied_lines = 0;
   time_t file_time;
   int ok;

src/or/geoip.c

@@ -206,7 +206,7 @@ geoip_load_file(const char *filename, or_options_t *options)
   int severity = options_need_geoip_info(options, &msg) ? LOG_WARN : LOG_INFO;
   crypto_digest_env_t *geoip_digest_env = NULL;
   clear_geoip_db();
-  if (!(f = fopen(filename, "r"))) {
+  if (!(f = tor_fopen_cloexec(filename, "r"))) {
     log_fn(severity, LD_GENERAL, "Failed to open GEOIP file %s.  %s",
            filename, msg);
     return -1;