File libpcap-ocloexec.patch of Package libpcap.2975

---
 configure.in           |    4 +++-
 fad-gifc.c             |    2 +-
 fad-glifc.c            |    4 ++--
 inet.c                 |    4 ++--
 nametoaddr.c           |    2 +-
 pcap-bt-linux.c        |    6 +++---
 pcap-can-linux.c       |    4 ++--
 pcap-canusb-linux.c    |    3 ++-
 pcap-linux.c           |   16 ++++++++--------
 pcap-netfilter-linux.c |    4 ++--
 pcap-nit.c             |    2 +-
 pcap-sita.c            |    2 +-
 pcap-snit.c            |    4 ++--
 pcap-snoop.c           |    2 +-
 pcap-usb-linux.c       |   12 ++++++------
 savefile.c             |    2 +-
 sf-pcap.c              |    2 +-
 17 files changed, 39 insertions(+), 36 deletions(-)

Index: libpcap-1.5.2/configure.in
===================================================================
--- libpcap-1.5.2.orig/configure.in	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/configure.in	2013-12-14 11:40:45.000000000 +0000
@@ -21,7 +21,9 @@ AC_INIT(pcap.c)
 AC_CANONICAL_SYSTEM
 
 AC_LBL_C_INIT_BEFORE_CC(V_CCOPT, V_INCLS)
-AC_PROG_CC
+AC_PROG_CC_STDC
+AC_USE_SYSTEM_EXTENSIONS
+AC_SYS_LARGEFILE
 AC_LBL_C_INIT(V_CCOPT, V_INCLS)
 AC_LBL_SHLIBS_INIT
 AC_LBL_C_INLINE
Index: libpcap-1.5.2/fad-gifc.c
===================================================================
--- libpcap-1.5.2.orig/fad-gifc.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/fad-gifc.c	2013-12-14 11:40:45.000000000 +0000
@@ -157,7 +157,7 @@ pcap_findalldevs_interfaces(pcap_if_t **
 	/*
 	 * Create a socket from which to fetch the list of interfaces.
 	 */
-	fd = socket(AF_INET, SOCK_DGRAM, 0);
+	fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 	if (fd < 0) {
 		(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
 		    "socket: %s", pcap_strerror(errno));
Index: libpcap-1.5.2/fad-glifc.c
===================================================================
--- libpcap-1.5.2.orig/fad-glifc.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/fad-glifc.c	2013-12-14 11:40:45.000000000 +0000
@@ -100,7 +100,7 @@ pcap_findalldevs_interfaces(pcap_if_t **
 	 * Create a socket from which to fetch the list of interfaces,
 	 * and from which to fetch IPv4 information.
 	 */
-	fd4 = socket(AF_INET, SOCK_DGRAM, 0);
+	fd4 = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 	if (fd4 < 0) {
 		(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
 		    "socket: %s", pcap_strerror(errno));
@@ -110,7 +110,7 @@ pcap_findalldevs_interfaces(pcap_if_t **
 	/*
 	 * Create a socket from which to fetch IPv6 information.
 	 */
-	fd6 = socket(AF_INET6, SOCK_DGRAM, 0);
+	fd6 = socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 	if (fd6 < 0) {
 		(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
 		    "socket: %s", pcap_strerror(errno));
Index: libpcap-1.5.2/inet.c
===================================================================
--- libpcap-1.5.2.orig/inet.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/inet.c	2013-12-14 11:40:45.000000000 +0000
@@ -430,7 +430,7 @@ add_addr_to_iflist(pcap_if_t **alldevs,
 	 */
 	memset(&ifrdesc, 0, sizeof ifrdesc);
 	strlcpy(ifrdesc.ifr_name, name, sizeof ifrdesc.ifr_name);
-	s = socket(AF_INET, SOCK_DGRAM, 0);
+	s = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 	if (s >= 0) {
 #ifdef __FreeBSD__
 		/*
@@ -745,7 +745,7 @@ pcap_lookupnet(device, netp, maskp, errb
 		return 0;
 	}
 
-	fd = socket(AF_INET, SOCK_DGRAM, 0);
+	fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 	if (fd < 0) {
 		(void)snprintf(errbuf, PCAP_ERRBUF_SIZE, "socket: %s",
 		    pcap_strerror(errno));
Index: libpcap-1.5.2/nametoaddr.c
===================================================================
--- libpcap-1.5.2.orig/nametoaddr.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/nametoaddr.c	2013-12-14 11:40:45.000000000 +0000
@@ -443,7 +443,7 @@ pcap_ether_hostton(const char *name)
 	static int init = 0;
 
 	if (!init) {
-		fp = fopen(PCAP_ETHERS_FILE, "r");
+		fp = fopen(PCAP_ETHERS_FILE, "re");
 		++init;
 		if (fp == NULL)
 			return (NULL);
Index: libpcap-1.5.2/pcap-bt-linux.c
===================================================================
--- libpcap-1.5.2.orig/pcap-bt-linux.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-bt-linux.c	2013-12-14 11:40:45.000000000 +0000
@@ -85,7 +85,7 @@ bt_findalldevs(pcap_if_t **alldevsp, cha
 	int i, sock;
 	int ret = 0;
 
-	sock  = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
+	sock  = socket(AF_BLUETOOTH, SOCK_RAW|SOCK_CLOEXEC, BTPROTO_HCI);
 	if (sock < 0)
 	{
 		/* if bluetooth is not supported this this is not fatal*/ 
@@ -218,7 +218,7 @@ bt_activate(pcap_t* handle)
 	handlep->dev_id = dev_id;
 	
 	/* Create HCI socket */
-	handle->fd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
+	handle->fd = socket(AF_BLUETOOTH, SOCK_RAW|SOCK_CLOEXEC, BTPROTO_HCI);
 	if (handle->fd < 0) {
 		snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
 		    "Can't create raw socket: %s", strerror(errno));
@@ -322,7 +322,7 @@ bt_read_linux(pcap_t *handle, int max_pa
 
 	/* ignore interrupt system call error */
 	do {
-		ret = recvmsg(handle->fd, &msg, 0);
+		ret = recvmsg(handle->fd, &msg, MSG_CMSG_CLOEXEC);
 		if (handle->break_loop)
 		{
 			handle->break_loop = 0;
Index: libpcap-1.5.2/pcap-can-linux.c
===================================================================
--- libpcap-1.5.2.orig/pcap-can-linux.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-can-linux.c	2013-12-14 11:40:45.000000000 +0000
@@ -161,7 +161,7 @@ can_activate(pcap_t* handle)
 	handle->stats_op = can_stats_linux;
 
 	/* Create socket */
-	handle->fd = socket(PF_CAN, SOCK_RAW, CAN_RAW);
+	handle->fd = socket(PF_CAN, SOCK_RAW|SOCK_CLOEXEC, CAN_RAW);
 	if (handle->fd < 0)
 	{
 		snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't create raw socket %d:%s",
@@ -235,7 +235,7 @@ can_read_linux(pcap_t *handle, int max_p
 
 	do
 	{
-		pkth.caplen = recvmsg(handle->fd, &msg, 0);
+		pkth.caplen = recvmsg(handle->fd, &msg, MSG_CMSG_CLOEXEC);
 		if (handle->break_loop)
 		{
 			handle->break_loop = 0;
Index: libpcap-1.5.2/pcap-canusb-linux.c
===================================================================
--- libpcap-1.5.2.orig/pcap-canusb-linux.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-canusb-linux.c	2013-12-14 11:40:45.000000000 +0000
@@ -36,6 +36,7 @@
 #include "config.h"
 #endif
 
+#include <pthread.h>
 #include <libusb-1.0/libusb.h>
 
 #include <stdlib.h>
@@ -289,7 +290,7 @@ static int canusb_startcapture(struct pc
 {
     int pipefd[2];
 
-    if (pipe(pipefd) == -1)
+    if (pipe2(pipefd, O_CLOEXEC) == -1)
         return -1;
 
     this->rdpipe = pipefd[0];
Index: libpcap-1.5.2/pcap-linux.c
===================================================================
--- libpcap-1.5.2.orig/pcap-linux.c	2013-12-14 11:32:03.000000000 +0000
+++ libpcap-1.5.2/pcap-linux.c	2013-12-14 11:40:46.000000000 +0000
@@ -962,7 +962,7 @@ pcap_can_set_rfmon_linux(pcap_t *handle)
 	 * (We assume that if we have Wireless Extensions support
 	 * we also have PF_PACKET support.)
 	 */
-	sock_fd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
+	sock_fd = socket(PF_PACKET, SOCK_RAW|SOCK_CLOEXEC, htons(ETH_P_ALL));
 	if (sock_fd == -1) {
 		(void)snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
 		    "socket: %s", pcap_strerror(errno));
@@ -1539,7 +1539,7 @@ pcap_read_packet(pcap_t *handle, pcap_ha
 		}
 
 #if defined(HAVE_PACKET_AUXDATA) && defined(HAVE_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI)
-		packet_len = recvmsg(handle->fd, &msg, MSG_TRUNC);
+		packet_len = recvmsg(handle->fd, &msg, MSG_TRUNC|MSG_CMSG_CLOEXEC);
 #else /* defined(HAVE_PACKET_AUXDATA) && defined(HAVE_LINUX_TPACKET_AUXDATA_TP_VLAN_TCI) */
 		fromlen = sizeof(from);
 		packet_len = recvfrom(
@@ -2030,7 +2030,7 @@ scan_sys_class_net(pcap_if_t **devlistp,
 	/*
 	 * Create a socket from which to fetch interface information.
 	 */
-	fd = socket(AF_INET, SOCK_DGRAM, 0);
+	fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 	if (fd < 0) {
 		(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
 		    "socket: %s", pcap_strerror(errno));
@@ -2207,7 +2207,7 @@ scan_proc_net_dev(pcap_if_t **devlistp,
 	/*
 	 * Create a socket from which to fetch interface information.
 	 */
-	fd = socket(AF_INET, SOCK_DGRAM, 0);
+	fd = socket(AF_INET, SOCK_DGRAM|SOCK_CLOEXEC, 0);
 	if (fd < 0) {
 		(void)snprintf(errbuf, PCAP_ERRBUF_SIZE,
 		    "socket: %s", pcap_strerror(errno));
@@ -3030,8 +3030,8 @@ activate_new(pcap_t *handle)
 	 * try a SOCK_RAW socket for the raw interface.
 	 */
 	sock_fd = is_any_device ?
-		socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_ALL)) :
-		socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
+		socket(PF_PACKET, SOCK_DGRAM|SOCK_CLOEXEC, htons(ETH_P_ALL)) :
+		socket(PF_PACKET, SOCK_RAW|SOCK_CLOEXEC, htons(ETH_P_ALL));
 
 	if (sock_fd == -1) {
 		if (errno == EINVAL || errno == EAFNOSUPPORT) {
@@ -3147,7 +3147,7 @@ activate_new(pcap_t *handle)
 					 "close: %s", pcap_strerror(errno));
 				return PCAP_ERROR;
 			}
-			sock_fd = socket(PF_PACKET, SOCK_DGRAM,
+			sock_fd = socket(PF_PACKET, SOCK_DGRAM|SOCK_CLOEXEC,
 			    htons(ETH_P_ALL));
 			if (sock_fd == -1) {
 				snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
@@ -5465,7 +5465,7 @@ activate_old(pcap_t *handle)
 
 	/* Open the socket */
 
-	handle->fd = socket(PF_INET, SOCK_PACKET, htons(ETH_P_ALL));
+	handle->fd = socket(PF_INET, SOCK_PACKET|SOCK_CLOEXEC, htons(ETH_P_ALL));
 	if (handle->fd == -1) {
 		snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
 			 "socket: %s", pcap_strerror(errno));
Index: libpcap-1.5.2/pcap-netfilter-linux.c
===================================================================
--- libpcap-1.5.2.orig/pcap-netfilter-linux.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-netfilter-linux.c	2013-12-14 11:40:46.000000000 +0000
@@ -487,7 +487,7 @@ netfilter_activate(pcap_t* handle)
 	handle->stats_op = netfilter_stats_linux;
 
 	/* Create netlink socket */
-	handle->fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER);
+	handle->fd = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_NETFILTER);
 	if (handle->fd < 0) {
 		snprintf(handle->errbuf, PCAP_ERRBUF_SIZE, "Can't create raw socket %d:%s", errno, pcap_strerror(errno));
 		return PCAP_ERROR;
@@ -634,7 +634,7 @@ netfilter_findalldevs(pcap_if_t **alldev
 {
 	int sock;
 	
-	sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_NETFILTER);
+	sock = socket(AF_NETLINK, SOCK_RAW|SOCK_CLOEXEC, NETLINK_NETFILTER);
 	if (sock < 0) {
 		/* if netlink is not supported this is not fatal */
 		if (errno == EAFNOSUPPORT || errno == EPROTONOSUPPORT)
Index: libpcap-1.5.2/pcap-nit.c
===================================================================
--- libpcap-1.5.2.orig/pcap-nit.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-nit.c	2013-12-14 11:40:46.000000000 +0000
@@ -282,7 +282,7 @@ pcap_activate_nit(pcap_t *p)
 		p->snapshot = 96;
 
 	memset(p, 0, sizeof(*p));
-	p->fd = fd = socket(AF_NIT, SOCK_RAW, NITPROTO_RAW);
+	p->fd = fd = socket(AF_NIT, SOCK_RAW|SOCK_CLOEXEC, NITPROTO_RAW);
 	if (fd < 0) {
 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE,
 		    "socket: %s", pcap_strerror(errno));
Index: libpcap-1.5.2/pcap-sita.c
===================================================================
--- libpcap-1.5.2.orig/pcap-sita.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-sita.c	2013-12-14 11:40:46.000000000 +0000
@@ -326,7 +326,7 @@ static int open_with_IOP(unit_t  *u, int
 	u->serv_addr->sin_addr.s_addr	= inet_addr(ip);
 	u->serv_addr->sin_port			= htons(IOP_SNIFFER_PORT);
 
-	if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
+	if ((sockfd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, 0)) < 0) {
 		fprintf(stderr, "pcap can't open a socket for connecting to IOP at %s\n", ip);
 		return 0;
 	}
Index: libpcap-1.5.2/pcap-snit.c
===================================================================
--- libpcap-1.5.2.orig/pcap-snit.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-snit.c	2013-12-14 11:40:46.000000000 +0000
@@ -321,9 +321,9 @@ pcap_activate_snit(pcap_t *p)
 	 * the device in question) can be indicated at open
 	 * time.
 	 */
-	p->fd = fd = open(dev, O_RDWR);
+	p->fd = fd = open(dev, O_RDWR|O_CLOEXEC);
 	if (fd < 0 && errno == EACCES)
-		p->fd = fd = open(dev, O_RDONLY);
+		p->fd = fd = open(dev, O_RDONLY|O_CLOEXEC);
 	if (fd < 0) {
 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "%s: %s", dev,
 		    pcap_strerror(errno));
Index: libpcap-1.5.2/pcap-snoop.c
===================================================================
--- libpcap-1.5.2.orig/pcap-snoop.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-snoop.c	2013-12-14 11:40:46.000000000 +0000
@@ -214,7 +214,7 @@ pcap_activate_snoop(pcap_t *p)
 	int snooplen;
 	struct ifreq ifr;
 
-	fd = socket(PF_RAW, SOCK_RAW, RAWPROTO_SNOOP);
+	fd = socket(PF_RAW, SOCK_RAW|SOCK_CLOEXEC, RAWPROTO_SNOOP);
 	if (fd < 0) {
 		snprintf(p->errbuf, PCAP_ERRBUF_SIZE, "snoop socket: %s",
 		    pcap_strerror(errno));
Index: libpcap-1.5.2/pcap-usb-linux.c
===================================================================
--- libpcap-1.5.2.orig/pcap-usb-linux.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/pcap-usb-linux.c	2013-12-14 11:43:09.000000000 +0000
@@ -263,7 +263,7 @@ probe_devices(int bus)
 
 		snprintf(buf, sizeof(buf), "/dev/bus/usb/%03d/%s", bus, data->d_name);
 		
-		fd = open(buf, O_RDWR);
+		fd = open(buf, O_RDWR|O_CLOEXEC);
 		if (fd == -1)
 			continue;
 
@@ -365,7 +365,7 @@ usb_activate(pcap_t* handle)
 
 	/*now select the read method: try to open binary interface */
 	snprintf(full_path, USB_LINE_LEN, LINUX_USB_MON_DEV"%d", handlep->bus_index);  
-	handle->fd = open(full_path, O_RDONLY, 0);
+	handle->fd = open(full_path, O_RDONLY|O_CLOEXEC, 0);
 	if (handle->fd >= 0)
 	{
 		if (handle->opt.rfmon) {
@@ -400,7 +400,7 @@ usb_activate(pcap_t* handle)
 	else {
 		/*Binary interface not available, try open text interface */
 		snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR"/%dt", handlep->bus_index);  
-		handle->fd = open(full_path, O_RDONLY, 0);
+		handle->fd = open(full_path, O_RDONLY|O_CLOEXEC, 0);
 		if (handle->fd < 0)
 		{
 			if (errno == ENOENT)
@@ -410,7 +410,7 @@ usb_activate(pcap_t* handle)
 				 * the old location.
 				 */
 				snprintf(full_path, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%dt", handlep->bus_index);  
-				handle->fd = open(full_path, O_RDONLY, 0);
+				handle->fd = open(full_path, O_RDONLY|O_CLOEXEC, 0);
 			}
 			if (handle->fd < 0) {
 				/* no more fallback, give it up*/
@@ -678,7 +678,7 @@ usb_stats_linux(pcap_t *handle, struct p
 	int fd;
 
 	snprintf(string, USB_LINE_LEN, USB_TEXT_DIR"/%ds", handlep->bus_index);
-	fd = open(string, O_RDONLY, 0);
+	fd = open(string, O_RDONLY|O_CLOEXEC, 0);
 	if (fd < 0)
 	{
 		if (errno == ENOENT)
@@ -688,7 +688,7 @@ usb_stats_linux(pcap_t *handle, struct p
 			 * location.
 			 */
 			snprintf(string, USB_LINE_LEN, USB_TEXT_DIR_OLD"/%ds", handlep->bus_index);
-			fd = open(string, O_RDONLY, 0);
+			fd = open(string, O_RDONLY|O_CLOEXEC, 0);
 		}
 		if (fd < 0) {
 			snprintf(handle->errbuf, PCAP_ERRBUF_SIZE,
Index: libpcap-1.5.2/savefile.c
===================================================================
--- libpcap-1.5.2.orig/savefile.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/savefile.c	2013-12-14 11:40:46.000000000 +0000
@@ -190,7 +190,7 @@ pcap_open_offline_with_tstamp_precision(
 	}
 	else {
 #if !defined(WIN32) && !defined(MSDOS)
-		fp = fopen(fname, "r");
+		fp = fopen(fname, "re");
 #else
 		fp = fopen(fname, "rb");
 #endif
Index: libpcap-1.5.2/sf-pcap.c
===================================================================
--- libpcap-1.5.2.orig/sf-pcap.c	2013-11-07 23:23:22.000000000 +0000
+++ libpcap-1.5.2/sf-pcap.c	2013-12-14 11:40:46.000000000 +0000
@@ -679,7 +679,7 @@ pcap_dump_open(pcap_t *p, const char *fn
 		fname = "standard output";
 	} else {
 #if !defined(WIN32) && !defined(MSDOS)
-		f = fopen(fname, "w");
+		f = fopen(fname, "we");
 #else
 		f = fopen(fname, "wb");
 #endif