From a30f9a2227383b50d051c040df9120e7dad35325 Mon Sep 17 00:00:00 2001
From: Philipp Gesang <philipp.gesang@intra2net.com>
Date: Mon, 12 Feb 2018 10:48:07 +0100
Subject: [PATCH] protect pipe fd with O_CLOEXEC

On the parent, prevent other exec()s than the one in our child
from carrying over the fd. The pipe wrapper may be long lived
for this to become a problem.
---
 src/pipestream.cpp |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/pipestream.cpp b/src/pipestream.cpp
index 7a89be2..7816279 100644
--- a/src/pipestream.cpp
+++ b/src/pipestream.cpp
@@ -257,8 +257,8 @@ inpipebuf::init_without_shell (const char *const *argv,
     }
 
     errno = 0;
-    if (::pipe (pipefd) == -1) {
-        PIPE_CTOR_FAIL("pipe");
+    if (::pipe2 (pipefd, O_CLOEXEC) == -1) {
+        PIPE_CTOR_FAIL("pipe2");
     }
 
     sigfillset (&newmask);
@@ -275,6 +275,8 @@ inpipebuf::init_without_shell (const char *const *argv,
         case 0: {
             close (pipefd [0]);
 
+            fcntl (pipefd [1], F_SETFD, 0);
+
             if (!out) {
                 if (!redirect_devnull (STDOUT_FILENO)) {
                     fprintf(stderr, "redirect_devnull/stdout: %m\n");
-- 
1.7.1