Linux: reap the sandbox helper process.

TEST=start chrome with a SUID sandbox and check that no zombies persist.

http://codereview.chromium.org/149734


git-svn-id: svn://svn.chromium.org/chrome/trunk/src@20838 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 9 insertions, 0 deletions

diff --git a/chrome/browser/zygote_host_linux.cc b/chrome/browser/zygote_host_linux.cc
index dad473b..769a180 100644
--- a/chrome/browser/zygote_host_linux.cc
+++ b/chrome/browser/zygote_host_linux.cc
@@ -21,6 +21,7 @@
 #include "chrome/browser/renderer_host/render_sandbox_host_linux.h"
 #include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_switches.h"
+#include "chrome/common/process_watcher.h"
 
 ZygoteHost::ZygoteHost() {
   std::wstring chrome_path;
@@ -43,6 +44,7 @@ ZygoteHost::ZygoteHost() {
   }
 
   const char* sandbox_binary = NULL;
+  bool sandbox_was_used = false;
   struct stat st;
 
   // In Chromium branded builds, developers can set an environment variable to
@@ -70,6 +72,7 @@ ZygoteHost::ZygoteHost() {
       const char* ld_library_path = getenv("LD_LIBRARY_PATH");
       if (ld_library_path)
         setenv("SANDBOX_LD_LIBRARY_PATH", ld_library_path, 1 /* overwrite */);
+      sandbox_was_used = true;
     } else {
       LOG(FATAL) << "The SUID sandbox helper binary was found, but is not "
                     "configured correctly. Rather than run without sandboxing "
@@ -87,6 +90,12 @@ ZygoteHost::ZygoteHost() {
   base::LaunchApp(cmd_line.argv(), fds_to_map, false, &process);
   CHECK(process != -1) << "Failed to launch zygote process";
 
+  if (sandbox_was_used) {
+    // The sandbox binary will fork one or more times before running the zygote
+    // process. Thus, we need to reap the child.
+    ProcessWatcher::EnsureProcessTerminated(process);
+  }
+
   close(fds[1]);
   control_fd_ = fds[0];
 }