From: Kevin McCarthy <kevin@8t8.us>
Date: Mon, 21 Nov 2016 00:19:17 +0000 (-0800)
Subject: Don't close stderr when opening a tunnel. (closes #3726)
X-Git-Tag: mutt-1-8-rel~72
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=de209a86acafe40d6c10df69cb08e0c6f003eb21;p=mutt

Don't close stderr when opening a tunnel. (closes #3726)

Instead of closing stderr, redirect it to /dev/null in
tunnel_socket_open().  Otherwise a program can accidentally open a
file into handle 2 and then unknowingly use that when trying to print
to stderr.

Thanks to lotheac for the original patch, which I just modified
slightly.
---

diff --git a/mutt_tunnel.c b/mutt_tunnel.c
index b43bbf93..d49626e6 100644
--- a/mutt_tunnel.c
+++ b/mutt_tunnel.c
@@ -65,6 +65,7 @@ static int tunnel_socket_open (CONNECTION *conn)
   int pid;
   int rc;
   int pin[2], pout[2];
+  int devnull;
 
   tunnel = (TUNNEL_DATA*) safe_malloc (sizeof (TUNNEL_DATA));
   conn->sockdata = tunnel;
@@ -86,13 +87,17 @@ static int tunnel_socket_open (CONNECTION *conn)
   if ((pid = fork ()) == 0)
   {
     mutt_unblock_signals_system (0);
-    if (dup2 (pout[0], STDIN_FILENO) < 0 || dup2 (pin[1], STDOUT_FILENO) < 0)
+    devnull = open ("/dev/null", O_RDWR);
+    if (devnull < 0 ||
+        dup2 (pout[0], STDIN_FILENO) < 0 ||
+        dup2 (pin[1], STDOUT_FILENO) < 0 ||
+        dup2 (devnull, STDERR_FILENO) < 0)
       _exit (127);
     close (pin[0]);
     close (pin[1]);
     close (pout[0]);
     close (pout[1]);
-    close (STDERR_FILENO);
+    close (devnull);
 
     /* Don't let the subprocess think it can use the controlling tty */
     setsid ();