Author: oshogbo
Date: Thu Aug 10 16:50:13 2017
New Revision: 322370
URL: https://svnweb.freebsd.org/changeset/base/322370

Log:
  Limit descriptors stored in the pidfh structure.
  
  Reviewed by:  markj, cem
  Differential Revision:        https://reviews.freebsd.org/D11741

Modified:
  head/lib/libutil/pidfile.c

Modified: head/lib/libutil/pidfile.c
==============================================================================
--- head/lib/libutil/pidfile.c  Thu Aug 10 16:45:05 2017        (r322369)
+++ head/lib/libutil/pidfile.c  Thu Aug 10 16:50:13 2017        (r322370)
@@ -28,6 +28,7 @@
 __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
+#include <sys/capsicum.h>
 #include <sys/file.h>
 #include <sys/stat.h>
 
@@ -103,6 +104,7 @@ pidfile_open(const char *path, mode_t mode, pid_t *pid
        struct stat sb;
        int error, fd, dirfd, dirlen, filenamelen, count;
        struct timespec rqtp;
+       cap_rights_t caprights;
 
        pfh = malloc(sizeof(*pfh));
        if (pfh == NULL)
@@ -179,21 +181,35 @@ pidfile_open(const char *path, mode_t mode, pid_t *pid
         * to the proper descriptor.
         */
        if (fstat(fd, &sb) == -1) {
-               error = errno;
-               unlinkat(dirfd, pfh->pf_filename, 0);
-               close(dirfd);
-               close(fd);
-               free(pfh);
-               errno = error;
-               return (NULL);
+               goto failed;
        }
 
+       if (cap_rights_limit(dirfd,
+           cap_rights_init(&caprights, CAP_UNLINKAT)) < 0 && errno != ENOSYS) {
+               goto failed;
+       }
+
+       if (cap_rights_limit(fd, cap_rights_init(&caprights, CAP_PWRITE,
+           CAP_FSTAT, CAP_FTRUNCATE)) < 0 &&
+           errno != ENOSYS) {
+               goto failed;
+       }
+
        pfh->pf_dirfd = dirfd;
        pfh->pf_fd = fd;
        pfh->pf_dev = sb.st_dev;
        pfh->pf_ino = sb.st_ino;
 
        return (pfh);
+
+failed:
+       error = errno;
+       unlinkat(dirfd, pfh->pf_filename, 0);
+       close(dirfd);
+       close(fd);
+       free(pfh);
+       errno = error;
+       return (NULL);
 }
 
 int
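Review bot: The right set applied to fd at `CAP_FSTAT, CAP_FTRUNCATE)) < 0 &&` covers pidfile_write() and the dev/ino check, but the hunk does not show every later use of pf_fd, and a right missing here surfaces only at runtime as ENOTCAPABLE — if the remove path still calls flock(pf_fd, LOCK_UN) it would need CAP_FLOCK, and a caller that polls or kqueues the descriptor returned by pidfile_fileno() would need CAP_EVENT; please confirm against the rest of pidfile.c and its consumers. Whatever the final set is, the restriction on pidfile_fileno()'s descriptor is now part of the library's contract and belongs in pidfile(3). A short comment above the two cap_rights_limit() calls would also help the next maintainer, e.g. `/* Limit both descriptors to the operations this file performs on them; a new use of pf_fd or pf_dirfd must extend these sets. */`. pidfile_open's body begins outside this hunk.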