From 1c798cee47fcab24310c436eb6ca0b409dee734f Mon Sep 17 00:00:00 2001
From: matt335672 <30179339+matt335672@users.noreply.github.com>
Date: Fri, 21 Apr 2023 16:04:06 +0100
Subject: [PATCH] Logging: Add LOG_DEVEL_LOG_LEAKING_FDS

---
 common/log.c | 24 ++++++++++++++++++++++++
 common/log.h | 21 +++++++++++++++++++++
 2 files changed, 45 insertions(+)

diff --git a/common/log.c b/common/log.c
index 07565668..b24ac043 100644
--- a/common/log.c
+++ b/common/log.c
@@ -1173,3 +1173,27 @@ getFormattedDateTime(char *replybuf, int bufsize)
     return replybuf;
 }
 
+/*****************************************************************************/
+#ifdef USE_DEVEL_LOGGING
+void
+log_devel_leaking_fds(const char *exe, int min, int max)
+{
+    struct list *fd_list = g_get_open_fds(min, max);
+
+    if (fd_list != NULL)
+    {
+        int i;
+        for (i = 0 ; i < fd_list->count ; ++i)
+        {
+            int fd = (int)fd_list->items[i];
+            if (g_file_get_cloexec(fd) == 0)
+            {
+                LOG_DEVEL(LOG_LEVEL_WARNING,
+                          "File descriptor %d is not CLOEXEC when running %s",
+                          fd, exe);
+            }
+        }
+    }
+}
+#endif // USE_DEVEL_LOGGING
+
diff --git a/common/log.h b/common/log.h
index d4254d9b..32906af1 100644
--- a/common/log.h
+++ b/common/log.h
@@ -149,6 +149,8 @@ enum logReturns
 #define LOG_HEXDUMP(log_level, message, buffer, length)  \
     log_hexdump_with_location(__func__, __FILE__, __LINE__, log_level, message, buffer, length)
 
+#define LOG_DEVEL_LEAKING_FDS(exe,min,max) log_devel_leaking_fds(exe,min,max)
+
 #else
 #define LOG(log_level, args...) log_message(log_level, args)
 #define LOG_HEXDUMP(log_level, message, buffer, length)  \
@@ -160,6 +162,7 @@ enum logReturns
 #define LOG_DEVEL(log_level, args...) UNUSED_VAR(LOG_STARTUP_OK)
 #define LOG_DEVEL_HEXDUMP(log_level, message, buffer, length) UNUSED_VAR(LOG_STARTUP_OK)
 
+#define LOG_DEVEL_LEAKING_FDS(exe,min,max)
 #endif
 
 /* Flags values for log_start() */
@@ -440,4 +443,22 @@ char *getLogFile(char *replybuf, int bufsize);
  * @return
  */
 char *getFormattedDateTime(char *replybuf, int bufsize);
+
+#ifdef USE_DEVEL_LOGGING
+/**
+ * Log open file descriptors not cloexec before execing another program
+ *
+ * Used to ensure file descriptors aren't leaking when running
+ * non-privileged executables
+ *
+ * Use the LOG_DEVEL_LEAKING_FDS() macro to invoke this function
+ *
+ * @param exe Executable we're about to launch
+ * @param min Minimum FD to consider
+ * @param max Maximum FD to consider + 1, or -1 for no upper FD
+ */
+void
+log_devel_leaking_fds(const char *exe, int min, int max);
+#endif
+
 #endif