bolt/deps/llvm-18.1.8/clang-tools-extra/docs/clang-tidy/checks/android/cloexec-pipe2.rst

.. title:: clang-tidy - android-cloexec-pipe2

android-cloexec-pipe2
=====================

This check ensures that pipe2() is called with the O_CLOEXEC flag. The check also
adds the O_CLOEXEC flag that marks the file descriptor to be closed in child processes.
Without this flag a sensitive file descriptor can be leaked to a child process,
potentially into a lower-privileged SELinux domain.

Examples:

.. code-block:: c++

  pipe2(pipefd, O_NONBLOCK);

Suggested replacement:

.. code-block:: c++

  pipe2(pipefd, O_NONBLOCK | O_CLOEXEC);
Embed LLVM 18.1.8 2025-02-14 19:21:04 +01:00			`.. title:: clang-tidy - android-cloexec-pipe2`

			`android-cloexec-pipe2`
			`=====================`

			`This check ensures that pipe2() is called with the O_CLOEXEC flag. The check also`
			`adds the O_CLOEXEC flag that marks the file descriptor to be closed in child processes.`
			`Without this flag a sensitive file descriptor can be leaked to a child process,`
			`potentially into a lower-privileged SELinux domain.`

			`Examples:`

			`.. code-block:: c++`

			`pipe2(pipefd, O_NONBLOCK);`

			`Suggested replacement:`

			`.. code-block:: c++`

			`pipe2(pipefd, O_NONBLOCK \| O_CLOEXEC);`