On 4/26/22 02:27, marcandre.lureau@redhat.com wrote:
> From: Marc-André Lureau <marcandre.lureau@redhat.com>
>
> Suggested-by: Daniel P. Berrangé <berrange@redhat.com>
> Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
> qga/commands-posix.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/qga/commands-posix.c b/qga/commands-posix.c
> index 77f4672ca2c9..094487c2c395 100644
> --- a/qga/commands-posix.c
> +++ b/qga/commands-posix.c
> @@ -2529,7 +2529,7 @@ void qmp_guest_set_user_password(const char *username,
> goto out;
> }
>
> - if (pipe(datafd) < 0) {
> + if (!g_unix_open_pipe(datafd, FD_CLOEXEC, NULL)) {
> error_setg(errp, "cannot create pipe FDs");
> goto out;
> }
This looks wrong, since the next thing that happens is fork+execl.
Before exec(), it does
close(datafd[1]);
dup2(datafd[0], 0);
0, the newfd, does not share file descriptor flags (the close-on-exec flag).
I did a quick test, and it seems to be fine.