From a0f351c9fa731fc738ab2eeaa0bb23b20980f29f Mon Sep 17 00:00:00 2001 From: Andrew Chambers Date: Tue, 5 May 2020 16:03:13 +1200 Subject: [PATCH 1/2] Fix (mostly nonsensible) race condition in multi threaded processes using os/execute with os/setenv. --- src/core/os.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/src/core/os.c b/src/core/os.c index 70cd6288..9c5a80a9 100644 --- a/src/core/os.c +++ b/src/core/os.c @@ -389,15 +389,26 @@ static Janet os_execute(int32_t argc, Janet *argv) { char *const *cargv = (char *const *)child_argv; /* Use posix_spawn to spawn new process */ + + int use_environ = !janet_flag_at(flags, 0); + + if (use_environ) { + janet_lock_environ(); + } + pid_t pid; if (janet_flag_at(flags, 1)) { status = posix_spawnp(&pid, child_argv[0], NULL, NULL, cargv, - janet_flag_at(flags, 0) ? envp : environ); + use_environ ? environ : envp); } else { status = posix_spawn(&pid, child_argv[0], NULL, NULL, cargv, - janet_flag_at(flags, 0) ? envp : environ); + use_environ ? environ : envp); + } + + if (use_environ) { + janet_unlock_environ(); } /* Wait for child */ From 06c28f3a4d13866a21cb7e4d1a9194117e99ffe1 Mon Sep 17 00:00:00 2001 From: Andrew Chambers Date: Wed, 6 May 2020 11:14:42 +1200 Subject: [PATCH 2/2] Set the CLOEXEC flag on file/temp files. --- src/core/io.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/core/io.c b/src/core/io.c index 7312c266..8c0fb1b6 100644 --- a/src/core/io.c +++ b/src/core/io.c @@ -30,6 +30,7 @@ #include #ifndef JANET_WINDOWS +#include #include #endif 
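Review bot: The lock taken around `posix_spawn`/`posix_spawnp` in os_execute only closes the race if every other reader and writer of `environ` in the process takes the same lock, and nothing in the hunk states that contract. `janet_lock_environ` and `janet_unlock_environ` are defined outside the hunk, so which callers use them cannot be confirmed from here. Code that calls `setenv` or `putenv` directly, for example from a native module, would presumably still race with the spawn. I would add a comment above the lock such as `/* Hold the environ lock so os/setenv on another thread cannot modify environ while posix_spawn reads it; direct setenv/putenv callers are not covered. */`. os_execute's body starts and ends outside the hunk.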
@@ -132,6 +133,21 @@ static Janet cfun_io_temp(int32_t argc, Janet *argv) {
 FILE *tmp = tmpfile();
 if (!tmp) janet_panicf("unable to create temporary file - %s", strerror(errno));
+
+#ifndef JANET_WINDOWS
+ /* It seems highly unlikely a typical janet user wants a tempfile to be inherited and
+ libc tmpfile does NOT set O_CLOEXEC by default,
+
+ Even though setting this flag after a delay is racy in threaded programs,
+ It helps in single threaded ones. The fix for threaded programs would be to use mkostemp
+ which is coming to POSIX at a later time. */
+ if (fcntl(fileno(tmp), F_SETFD, FD_CLOEXEC) != 0) {
+ fclose(tmp);
+ janet_panic("unable initialize temporary file");
+ }
+/* Do anything for windows? */
+#endif
+
 return janet_makefile(tmp, JANET_FILE_WRITE | JANET_FILE_READ | JANET_FILE_BINARY);
 }
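Review bot: The failure path after `fcntl` in cfun_io_temp panics with `"unable initialize temporary file"`, which is missing a word and, unlike the `tmpfile()` failure just above it, drops the errno text that would say why setting FD_CLOEXEC failed. Because `fclose(tmp)` can overwrite errno, I would save it first: `int err = errno; fclose(tmp); janet_panicf("unable to initialize temporary file - %s", strerror(err));`. As a style point, `/* Do anything for windows? */` sits inside the `#ifndef JANET_WINDOWS` branch, where it is never compiled for Windows, and would read better below the `#endif`. The start of the function body is outside the hunk.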