path: root/src/process/posix_spawn_file_actions_addopen.c
diff options
authorRich Felker <>2021-01-30 16:09:22 -0500
committerRich Felker <>2021-01-30 16:09:22 -0500
commitdd5b6384712fb554bb6e291f2bbcdc9ec2f66554 (patch)
tree4763fc81ee12d9c546ac49dc2b2725a4c9181c0b /src/process/posix_spawn_file_actions_addopen.c
parent85e0e3519655220688e757b9d5bfd314923548bd (diff)
fail posix_spawn file_actions operations with negative fds
these functions are specified to fail with EBADF on negative fd arguments. apart from close, they are also specified to fail if the value exceeds OPEN_MAX, but as written it is not clear that this imposes any requirement when OPEN_MAX is not defined, and it's undesirable to impose a dynamic limit (via setrlimit) here since the limit at the time of posix_spawn may be different from the limit at the time of setting up the file actions. this may require revisiting later.
Diffstat (limited to 'src/process/posix_spawn_file_actions_addopen.c')
1 files changed, 1 insertions, 0 deletions
diff --git a/src/process/posix_spawn_file_actions_addopen.c b/src/process/posix_spawn_file_actions_addopen.c
index 368922c7..82bbcec9 100644
--- a/src/process/posix_spawn_file_actions_addopen.c
+++ b/src/process/posix_spawn_file_actions_addopen.c
@@ -6,6 +6,7 @@
int posix_spawn_file_actions_addopen(posix_spawn_file_actions_t *restrict fa, int fd, const char *restrict path, int flags, mode_t mode)
+ if (fd < 0) return EBADF;
struct fdop *op = malloc(sizeof *op + strlen(path) + 1);
if (!op) return ENOMEM;
op->cmd = FDOP_OPEN;