summaryrefslogtreecommitdiff
path: root/compiler/optimizing/optimizing_compiler.cc
diff options
context:
space:
mode:
author Nick Kralevich <nnk@google.com> 2020-01-31 12:54:35 -0800
committer Treehugger Robot <treehugger-gerrit@google.com> 2020-02-03 10:45:00 +0000
commit20d57d121a6f072484eb34b2f641136d9aff2077 (patch)
tree2ff2f17681ee74b5abc2e2582a5837277a8576d3 /compiler/optimizing/optimizing_compiler.cc
parentdd14a3d77abef167a18b8ad81f7ebb4d932c74a0 (diff)
perfetto_hprof.cc: fix leaky file descriptors
File descriptors created without O_CLOEXEC can leak across an exec() boundary, potentially leaking file descriptors across security boundaries. Avoid leakage across exec() by setting the O_CLOEXEC flag on newly created pipe() FDs. These leakages are detectable via the android-cloexec-pipe clang tidy check, which can be enabled by something similar to: tidy_checks: [ "android-*", ], See https://clang.llvm.org/extra/clang-tidy/checks/android-cloexec-pipe.html It's recommended that future changes be made to enable this clang tidy check. This will avoid future regressions. Fixes android.security.cts.FileDescriptorTest#testCLOEXEC android.security.cts android.security.cts.FileDescriptorTest#testCLOEXEC fail: java.lang.AssertionError: The following FDs do not have O_CLOEXEC enabled: /proc/self/fd/32 -> "pipe:[307764]" /proc/self/fd/34 -> "pipe:[307764]" at org.junit.Assert.fail(Assert.java:88) at android.security.cts.FileDescriptorTest.testCLOEXEC(FileDescriptorTest.java:88) at java.lang.reflect.Method.invoke(Native Method) at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50) at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12) at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:52) at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:148) at org.junit.internal.runners.statements.FailOnTimeout$CallableStatement.call(FailOnTimeout.java:142) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.lang.Thread.run(Thread.java:921) Bug: 143375045 Test: cts-tradefed run cts-dev -m CtsSecurityTestCases -t android.security.cts.FileDescriptorTest\#testCLOEXEC Change-Id: I5a5eca26c7d0a9445f263841d57bc71389b91bf8
Diffstat (limited to 'compiler/optimizing/optimizing_compiler.cc')
0 files changed, 0 insertions, 0 deletions