summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJiri Moskovcak <jmoskovc@redhat.com>2013-01-15 15:07:13 (GMT)
committerJiri Moskovcak <jmoskovc@redhat.com>2013-01-15 15:07:13 (GMT)
commit3bbf961b1884dd32654dd39b360dd78ef294b10a (patch)
treebd4580dedffec3062a7707cf53d2413deb0971e7
parent9923d389c199113103b80aeabcaf6768acb5f11a (diff)
downloadlibreport-3bbf961b1884dd32654dd39b360dd78ef294b10a.zip
libreport-3bbf961b1884dd32654dd39b360dd78ef294b10a.tar.gz
libreport-3bbf961b1884dd32654dd39b360dd78ef294b10a.tar.xz
never follow symlinks rhbz#887866
- use lchown instead chown and O_NOFOLLOW where we use open
-rw-r--r--src/lib/dump_dir.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/src/lib/dump_dir.c b/src/lib/dump_dir.c
index 57c439d..01e1edd 100644
--- a/src/lib/dump_dir.c
+++ b/src/lib/dump_dir.c
@@ -116,7 +116,7 @@ static bool exist_file_dir(const char *path)
static bool not_valid_time_file(const char *filename)
{
/* Open input file, and parse it. */
- int fd = open(filename, O_RDONLY);
+ int fd = open(filename, O_RDONLY | O_NOFOLLOW);
if (fd < 0)
{
VERB2 perror_msg("Can't open '%s'", filename);
@@ -506,7 +506,7 @@ struct dump_dir *dd_create(const char *dir, uid_t uid, mode_t mode)
else
error_msg("User %lu does not exist, using gid 0", (long)uid);
- if (chown(dir, dd->dd_uid, dd->dd_gid) == -1)
+ if (lchown(dir, dd->dd_uid, dd->dd_gid) == -1)
{
perror_msg("Can't change '%s' ownership to %lu:%lu", dir,
(long)dd->dd_uid, (long)dd->dd_gid);
@@ -606,7 +606,7 @@ void dd_sanitize_mode_and_owner(struct dump_dir *dd)
chmod(full_path, dd->mode);
if (statbuf.st_uid != dd->dd_uid || statbuf.st_gid != dd->dd_gid)
{
- if (chown(full_path, dd->dd_uid, dd->dd_gid) != 0)
+ if (lchown(full_path, dd->dd_uid, dd->dd_gid) != 0)
{
perror_msg("Can't change '%s' ownership to %lu:%lu", full_path,
(long)dd->dd_uid, (long)dd->dd_gid);
@@ -708,8 +708,8 @@ int dd_delete(struct dump_dir *dd)
static char *load_text_file(const char *path, unsigned flags)
{
- FILE *fp = fopen(path, "r");
- if (!fp)
+ int fd = open(path, O_RDONLY | O_NOFOLLOW);
+ if (fd == -1)
{
if (!(flags & DD_FAIL_QUIETLY_ENOENT))
perror_msg("Can't open file '%s'", path);
@@ -718,8 +718,8 @@ static char *load_text_file(const char *path, unsigned flags)
struct strbuf *buf_content = strbuf_new();
int oneline = 0;
- int ch;
- while ((ch = fgetc(fp)) != EOF)
+ char ch;
+ while (safe_read(fd, &ch, 1) > 0)
{
//TODO? \r -> \n?
//TODO? strip trailing spaces/tabs?
@@ -730,7 +730,7 @@ static char *load_text_file(const char *path, unsigned flags)
if (isspace(ch) || ch >= ' ') /* used !iscntrl, but it failed on unicode */
strbuf_append_char(buf_content, ch);
}
- fclose(fp);
+ close(fd);
char last = oneline != 0 ? buf_content->buf[buf_content->len - 1] : 0;
if (last == '\n')
@@ -760,7 +760,7 @@ static bool save_binary_file(const char *path, const char* data, unsigned size,
{
/* the mode is set by the caller, see dd_create() for security analysis */
unlink(path);
- int fd = open(path, O_WRONLY | O_TRUNC | O_CREAT, mode);
+ int fd = open(path, O_WRONLY | O_TRUNC | O_CREAT | O_NOFOLLOW, mode);
if (fd < 0)
{
perror_msg("Can't open file '%s'", path);