22 lines
566 B
ReStructuredText
22 lines
566 B
ReStructuredText
|
.. title:: clang-tidy - android-cloexec-pipe
|
||
|
|
|
||
|
|
android-cloexec-pipe
|
||
|
|
====================
|
||
|
|
|
||
|
|
This check detects usage of ``pipe()``. Using ``pipe()`` is not recommended, ``pipe2()`` is the
|
||
|
|
suggested replacement. The check also adds the O_CLOEXEC flag that marks the file descriptor to
|
||
|
|
be closed in child processes. Without this flag a sensitive file descriptor can be leaked to a
|
||
|
|
child process, potentially into a lower-privileged SELinux domain.
|
||
|
|
|
||
|
|
Examples:
|
||
|
|
|
||
|
|
.. code-block:: c++
|
||
|
|
|
||
|
|
pipe(pipefd);
|
||
|
|
|
||
|
|
Suggested replacement:
|
||
|
|
|
||
|
|
.. code-block:: c++
|
||
|
|
|
||
|
|
pipe2(pipefd, O_CLOEXEC);
|