Prior to calling TIOCGWINSZ on stdin/stdout/stderr, check to see if the file descriptor is a tty. Calling TIOCGWINSZ on a non-tty doesn't make any sense.
Calling TIOCGWINSZ on a non-tty is mildly problematic for systems like Android where strict ioctl filtering is in place, and generates SELinux audit noise. Strict ioctl filtering for non-filesystem fifo_files (eg pipe() or pipe2() generated pipes) was enabled in Android in commit https://android-review.googlesource.com/c/platform/system/sepolicy/+/792599 Steps to reproduce: * Run "echo foo | ls" Expected: * No SELinux denials on Android with strict ioctl filtering enabled Actual: * An SELinux denial of the form: type=1400 audit(1540046406.055:1357): avc: denied { ioctl } for comm="ls" path="pipe:[332719]" dev="pipefs" ino=332719 ioctlcmd=0x5413 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=fifo_file permissive=0 type=1400 audit(0.0:46): avc: denied { ioctl } for comm="ls" path="pipe:[196102]" dev="pipefs" ino=196102 ioctlcmd=0x5413 scontext=u:r:untrusted_app_27:s0:c512,c768 tcontext=u:r:untrusted_app_27:s0:c512,c768 tclass=fifo_file permissive=0 app=com.microsoft.office.outlook (ioctl 0x5413 is TIOCGWINSZ) Signed-off-by: Nick Kralevich <[email protected]> --- lib/interestingtimes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/interestingtimes.c b/lib/interestingtimes.c index c3ed9f9..ffb5ab5 100644 --- a/lib/interestingtimes.c +++ b/lib/interestingtimes.c @@ -27,7 +27,7 @@ int terminal_size(unsigned *xx, unsigned *yy) // stdin, stdout, stderr for (i=0; i<3; i++) { memset(&ws, 0, sizeof(ws)); - if (!ioctl(i, TIOCGWINSZ, &ws)) { + if (isatty(i) && !ioctl(i, TIOCGWINSZ, &ws)) { if (ws.ws_col) x = ws.ws_col; if (ws.ws_row) y = ws.ws_row; -- 2.19.1.568.g152ad8e336-goog _______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
