fix(HIGH-03): clean up FD/mmap and resolve argv[0] before exec restart

- munmap(token_data) + close(data_fd) before execl() prevents FD/mmap
  leak across process boundary
- realpath(argv[0]) resolves binary path to prevent exec of wrong binary
  when invoked via relative path

ref: docs/reports/security-audit-2026-03-02.md HIGH-03
This commit is contained in:
manni07 2026-03-02 23:20:59 +01:00
parent 8929afc887
commit b5c3cf953d
1 changed files with 7 additions and 2 deletions

View File

@ -361,9 +361,14 @@ int main(int argc, char *argv[]) {
total_compile_ms+cum_compile, total_train_ms+cum_train, wall+cum_wall,
total_steps_done+cum_steps, total_batches+cum_batches, adam_t,
lw, la, rms_final, &arms_final, embed, &aembed);
printf("[exec() restart step %d, %d compiles, loss=%.4f]\n", step, g_compile_count, last_loss);
char rp_exec[PATH_MAX];
if (!realpath(argv[0], rp_exec)) { perror("cannot resolve argv[0]"); return 1; }
printf("[exec() restart step %d, %d compiles, loss=%.4f -> %s]\n",
step, g_compile_count, last_loss, rp_exec);
fflush(stdout);
execl(argv[0], argv[0], "--resume", NULL);
munmap(token_data, data_len); // HIGH-03: release mmap before exec
close(data_fd); // HIGH-03: release FD before exec
execl(rp_exec, rp_exec, "--resume", NULL);
perror("execl"); return 1;
}