i#2884: Add O_CLOEXEC to prevent fd leakage in injector#7972

Open: mmustafasenoglu wants to merge 1 commit into DynamoRIO:master from mmustafasenoglu:fix/arm-typo-and-fd-leak
@mmustafasenoglu mmustafasenoglu commented Jun 27, 2026

i#2884: Add O_CLOEXEC to prevent fd leakage in injector

When drrun injects libdynamorio.so into a child process, the file
descriptor used to open the library was not marked close-on-exec.
This caused the fd to leak into the target program, which could be
exploited by malware to detect DynamoRIO or alter behavior.

Added O_CLOEXEC flag to the injectee_open call in
core/unix/injector.c.

Reproduction:

  1. Run: drrun -- target_program
  2. Check /proc/<target_pid>/fd before fix - fd 3 points to
    libdynamorio.so
  3. After fix, fd 3 is closed on exec and not visible in
    the target process

Testing:
Verified that the fd is closed on exec by checking
/proc//fd after running drrun. The fd no longer leaks
to the target process.

Fixes #2884

When drrun injects libdynamorio.so into a child process, the file
descriptor used to open the library was not marked close-on-exec.
This caused the fd to leak into the target program, which could be
exploited by malware to detect DynamoRIO or alter behavior.

Added O_CLOEXEC flag to the injectee_open call so the fd is
automatically closed on exec.

Fixes DynamoRIO#2884
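
The close-on-exec behaviour the description relies on, as an added example that is not part of the PR or of DynamoRIO's code: it opens `/dev/null` (a stand-in for libdynamorio.so), fork+execs `/bin/sh`, and has the new program look for the descriptor under `/proc/self/fd`. The helper names and the `/bin/sh` check are assumptions; Linux with `/proc` mounted is assumed.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if FD_CLOEXEC is set on fd, 0 if it is not, -1 on error. */
int fd_has_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags < 0 ? -1 : (flags & FD_CLOEXEC) != 0;
}

/* Opens /dev/null with O_RDONLY | extra_flags, then fork+execs /bin/sh and
 * asks the exec'd program whether that fd number exists in its fd table.
 * Returns 1 if the fd leaked across exec, 0 if it was closed, -1 on error. */
int fd_survives_exec(int extra_flags)
{
    char num[16];
    int status;
    int fd = open("/dev/null", O_RDONLY | extra_flags);
    if (fd < 0)
        return -1;
    snprintf(num, sizeof(num), "%d", fd);
    pid_t pid = fork();
    if (pid == 0) {
        /* $1 is the fd number; test exits 0 only if the entry exists. */
        execl("/bin/sh", "sh", "-c", "test -e \"/proc/self/fd/$1\"",
              "sh", num, (char *)NULL);
        _exit(127); /* exec itself failed */
    }
    close(fd);
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    if (WEXITSTATUS(status) == 127)
        return -1;
    return WEXITSTATUS(status) == 0;
}

int main(void)
{
    printf("plain open:      leaked=%d\n", fd_survives_exec(0));
    printf("with O_CLOEXEC:  leaked=%d\n", fd_survives_exec(O_CLOEXEC));
    return 0;
}
```

`fd_has_cloexec` can be pointed at any descriptor a launcher holds just before it execs the target, which turns the manual `/proc` inspection into an assertion.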
@edeiana edeiana self-requested a review June 29, 2026 23:36

@edeiana edeiana left a comment

Thank you for contributing!

Please clean up your commit message (i.e., PR description) and title following: https://dynamorio.org/page_code_reviews.html#sec_commit_messages.

For example: stay within 80 chars per line; the title should be prefixed with i#2884; no need to add a diff of the changes in the PR description (that's what git diff is for); end your PR description with Fixes #2884; avoid markdown titles within the PR description (this change is small enough to not need subsections like: "Description", "Change", "Testing").

If adding a test for this change is not feasible, add the steps used to reproduce the issue showing that it's actually fixed in the PR description; the description under "Testing" is not enough, please add the precise commands and output.

@mmustafasenoglu mmustafasenoglu changed the title fix(injector): add O_CLOEXEC to prevent fd leakage to child process i#2884: Add O_CLOEXEC to prevent fd leakage in injector Jul 1, 2026
Successfully merging this pull request may close these issues.

minor security issue: file descriptor leakage
