gspawn: avoid race due to retry with EINTR on close() (!2947) · Merge requests · GNOME / GLib

Thomas Haller requested to merge th/gspawn-no-safe-close into main Oct 13, 2022

Retry on EINTR is wrong on many OS, including Linux. See the comment in g_close() why that is.

As we cannot use g_close() after fork, we had safe_close(). This had the wrong retry loop on EINTR. Drop that.

Don't only drop the retry loop, instead just use close() directly. Maybe keeping an internal wrapper around close() would be beneficial, to possibly abstract the handling of EINTR. However, glib has many direct calls to close(), that likewise don't wrap this. If you want a wrapper around close() (that is async-signal-safe and below g_close()), then add one project wide, not only inside "gspawn.c".

This is especially problematic since commit 6f462942 ('gspawn: Don’t use g_close() in async-signal-safe context'). Before, safe_close() was only called after fork, where there is only one thread and there is no concern about a race.

Fixes: 6f462942 ('gspawn: Don’t use g_close() in async-signal-safe context')

See-also: #1638 (comment 1573053)

Edited Oct 13, 2022 by Thomas Haller

gspawn: avoid race due to retry with EINTR on close()

Merge request reports