i#2884: Add O_CLOEXEC to prevent fd leakage in injector #7972
mmustafasenoglu wants to merge 1 commit into
When drrun injects libdynamorio.so into a child process, the file descriptor used to open the library was not marked close-on-exec. This caused the fd to leak into the target program, which could be exploited by malware to detect DynamoRIO or alter behavior. Added O_CLOEXEC flag to the injectee_open call so the fd is automatically closed on exec. Fixes DynamoRIO#2884
Thank you for contributing!
Please clean up your commit message (i.e., PR description) and title following: https://dynamorio.org/page_code_reviews.html#sec_commit_messages.
For example: stay within 80 chars per line; the title should be prefixed with i#2884; no need to add a diff of the changes in the PR description (that's what git diff is for); end your PR description with Fixes #2884; avoid markdown titles within the PR description (this change is small enough to not need subsections like: "Description", "Change", "Testing").
If adding a test for this change is not feasible, add the steps used to reproduce the issue showing that it's actually fixed in the PR description; the description under "Testing" is not enough, please add the precise commands and output.
i#2884: Add O_CLOEXEC to prevent fd leakage in injector
When drrun injects libdynamorio.so into a child process, the file
descriptor used to open the library was not marked close-on-exec.
This caused the fd to leak into the target program, which could be
exploited by malware to detect DynamoRIO or alter behavior.
Added O_CLOEXEC flag to the injectee_open call in
core/unix/injector.c.
Reproduction:
libdynamorio.so
the target process
Testing:
Verified that the fd is closed on exec by checking
/proc//fd after running drrun. The fd no longer leaks
to the target process.
Fixes #2884