From cf2c17486d0c755f6f9456b25cddb3d78049dbe9 Mon Sep 17 00:00:00 2001
From: Kou Wenqi <kouwenqi@kylinos.cn>
Date: Thu, 18 Jul 2024 17:28:33 +0800
Subject: [PATCH] Fix leaking file descriptor to child processes

---
 ...aking-file-descriptor-to-child-proce.patch | 28 +++++++++++++++++++
 libusbmuxd.spec                               |  6 +++-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 6001-inotify-Avoid-leaking-file-descriptor-to-child-proce.patch

diff --git a/6001-inotify-Avoid-leaking-file-descriptor-to-child-proce.patch b/6001-inotify-Avoid-leaking-file-descriptor-to-child-proce.patch
new file mode 100644
index 0000000..fcd8a36
--- /dev/null
+++ b/6001-inotify-Avoid-leaking-file-descriptor-to-child-proce.patch
@@ -0,0 +1,28 @@
+From c8e627016edd1440c8faf6f9b8f4092a83e01164 Mon Sep 17 00:00:00 2001
+From: David Edmundson <kde@davidedmundson.co.uk>
+Date: Wed, 1 Nov 2023 14:32:43 +0000
+Subject: [PATCH] inotify: Avoid leaking file descriptor to child processes
+
+inotify_init creates a file descriptor which by default is not makes
+with CLOEXEC. If the application using libusbmuxd spawns applications
+this then leaks through.
+---
+ src/libusbmuxd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libusbmuxd.c b/src/libusbmuxd.c
+index af8636b..e922106 100644
+--- a/src/libusbmuxd.c
++++ b/src/libusbmuxd.c
+@@ -544,7 +544,7 @@ static int usbmuxd_listen_inotify()
+ 		return sfd;
+ 
+ 	sfd = -1;
+-	inot_fd = inotify_init ();
++	inot_fd = inotify_init1(IN_CLOEXEC);
+ 	if (inot_fd < 0) {
+ 		DEBUG(1, "%s: Failed to setup inotify\n", __func__);
+ 		return -2;
+-- 
+2.27.0
+
diff --git a/libusbmuxd.spec b/libusbmuxd.spec
index 1ac9985..c829f40 100644
--- a/libusbmuxd.spec
+++ b/libusbmuxd.spec
@@ -1,11 +1,12 @@
 Name:          libusbmuxd
 Version:       1.0.10
-Release:       12
+Release:       13
 Summary:       software protocol library and tools to communicate with iOS devices natively
 License:       LGPLv2+ and GPLv2+
 URL:           http://www.libimobiledevice.org/
 Source0:       http://www.libimobiledevice.org/downloads/%{name}-%{version}.tar.bz2
 Patch0:        6000-CVE-2016-5104.patch
+Patch1:        6001-inotify-Avoid-leaking-file-descriptor-to-child-proce.patch
 
 BuildRequires: gcc git libplist-devel >= 1.11
 Provides:      %{name}-utils
@@ -57,6 +58,9 @@ make check
 %{_libdir}/pkgconfig/libusbmuxd.pc
 
 %changelog
+* Thu Jul 18 2024 kouwenqi <kouwenqi@kylinos.cn>  - 1.0.10-13
+- Fix leaking file descriptor to child processes
+
 * Fri Aug 30 2019 louhongxiang <louhongxiang@huawei.com> - 1.0.10-12
 - Type:enhancemnet
 - ID:NA