-
It is in general unsafe to start a program with one or more of file descriptors 0/1/2 closed. Karl Chen for example noticed that stat_command does this in order to rename a pipe file descriptor to 0: dup2(from, 0); close(from); ... but if stdin was closed (for example) from == 0, so that dup2(0, 0); close(0); just ends up closing the pipe. Another extremely rare but nasty problem would occur if an "important" file ends up in file descriptor 2, and is corrupted by a call to die(). Fixing this in git was considered to be overkill, so this patch works around it only for git-shell. The fix is simply to open all the "low" descriptors to /dev/null in main. Signed-off-by:Paolo Bonzini <bonzini@gnu.org> Acked-by:
Stephen R. van den Berg <srb@cuci.nl> Signed-off-by:
Junio C Hamano <gitster@pobox.com>
0cfeed2e
