Extra Clang Tools 6 documentation

clang-tidy - android-cloexec-accept4

«  android-cloexec-accept   ::   Contents   ::   android-cloexec-creat  »

android-cloexec-accept4

accept4() should include SOCK_CLOEXEC in its type argument to avoid the file descriptor leakage. Without this flag, an opened sensitive file would remain open across a fork+exec to a lower-privileged SELinux domain.

Examples:

accept4(sockfd, addr, addrlen, SOCK_NONBLOCK);

// becomes

accept4(sockfd, addr, addrlen, SOCK_NONBLOCK | SOCK_CLOEXEC);

«  android-cloexec-accept   ::   Contents   ::   android-cloexec-creat  »