The closefrom emulation is racy and can miss file descriptors as it
closes file descriptors while it iterates over the list of open file
descriptors. You have to extract a complete list of file descriptors
and then close them. This problem has probably been hidden because
readdir buffers directory results and reads a bunch of them at once.
Also, personally I'd rather have closefrom abort on errors than fall
back to a bad implementation (although I know you'll probably
disagree) and I'd check every function call for errors (you missed
readdir and closedir). For normal usage checking readdir and closedir
for errors probably doesn't apply but when people do strange things
like use Seccomp or miswrite a signal handler weird things can happen
and so not checking for errors just makes it harder to track down

This is fixed now in git master, and will be included in the upcoming release which should happen within the coming couple of weeks at most.

This has now been released as part of libbsd 0.8.0.
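
The collect-then-close approach the report asks for, as an added example (not libbsd's actual fix and not code from this thread). It assumes Linux with /proc/self/fd mounted; the function name closefrom_two_pass is hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for dirfd() under strict -std modes */
#endif
#include <dirent.h>
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper (not libbsd's code): close every descriptor >= lowfd.
 * Pass 1 only records descriptor numbers; pass 2 closes them, so the
 * directory is never modified while readdir() is still walking it.
 * Returns 0 on success, -1 with errno set if any call fails. */
int closefrom_two_pass(int lowfd)
{
    int *fds = NULL, rc = 0, saved = 0;
    size_t n = 0, cap = 0;
    DIR *dir = opendir("/proc/self/fd");      /* assumption: Linux procfs */
    if (dir == NULL)
        return -1;

    for (;;) {
        errno = 0;                             /* NULL with errno == 0 is EOF */
        struct dirent *ent = readdir(dir);
        if (ent == NULL) {
            if (errno != 0) { rc = -1; saved = errno; }
            break;
        }
        char *end;
        long fd = strtol(ent->d_name, &end, 10);
        if (end == ent->d_name || *end != '\0')    /* skips "." and ".." */
            continue;
        if (fd < lowfd || fd > INT_MAX || fd == dirfd(dir))
            continue;                          /* closedir() owns dirfd */
        if (n == cap) {
            int *tmp = realloc(fds, (cap = cap ? cap * 2 : 64) * sizeof *tmp);
            if (tmp == NULL) { rc = -1; saved = errno; break; }
            fds = tmp;
        }
        fds[n++] = (int)fd;
    }
    if (closedir(dir) == -1 && rc == 0) { rc = -1; saved = errno; }
    /* Close only from a complete listing; report the first close() error. */
    for (size_t i = 0; rc == 0 && saved == 0 && i < n; i++)
        if (close(fds[i]) == -1) saved = errno;
    free(fds);
    if (saved != 0) { rc = -1; errno = saved; }
    return rc;
}
```

If the listing fails part-way, nothing is closed and the caller gets -1, which matches the report's preference for failing loudly over silently leaving descriptors open.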