Page MenuHomeFreeBSD

Fix cmp(1) to handle the case where standard streams are closed.
ClosedPublic

Authored by markj on Jan 16 2019, 8:39 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Oct 25, 2:15 AM
Unknown Object (File)
Mon, Oct 20, 6:32 AM
Unknown Object (File)
Fri, Oct 17, 9:13 AM
Unknown Object (File)
Fri, Oct 17, 9:13 AM
Unknown Object (File)
Fri, Oct 17, 9:12 AM
Unknown Object (File)
Thu, Oct 16, 11:34 PM
Unknown Object (File)
Thu, Oct 16, 11:34 PM
Unknown Object (File)
Thu, Oct 16, 2:46 PM
Subscribers

Details

Summary

Use caph_limit_stdio() before opening input files. This function
suppresses EBADF. When further limiting stdin, make sure STDIN_FILENO
isn't being used for one of the input files.

Fix some style bugs while here.

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 21987
Build 21221: arc lint + arc unit

Event Timeline

usr.bin/cmp/cmp.c
119

stderr?

119

I miss read sorry.

usr.bin/cmp/cmp.c
167

Hym not sure if I get this.
special is set if fd1 or fd2 is set to the STDIN right? So we don't need to check those.

169

I'm not sure if I'm understand that correctly.
If we have a problem with closed STDIN dosent this return EBADF as well?
The special will not be set but STDIN will be closed, so this should fail I think.

usr.bin/cmp/cmp.c
167

Yes, but if !special and the shell doesn't provide stdin, then STDIN_FILENO will be used for one of the input files.

169

If stdin is closed, then file descriptor 0 is available and will be claimed by fd1 or fd2. You are right though, this is making the assumption that open() will return the smallest available descriptor.

  • Verify that STDIN_FILENO is in use before limiting rights on it. In practice, it will always be in use: if STDIN_FILENO is not provided by the shell, then it will be claimed for fd1. But, we should not make assumptions about the kernel's fd allocation policy.
usr.bin/cmp/cmp.c
170

Let's just remove this whole block.
If the stdin is used lets limit it using caph_limit_stdio.
If it is but not used do we care to limit it further? In my opinion this is a minimal value if not even none and complicate code a lot.

usr.bin/cmp/cmp.c
170

Fair enough. I agree that it doesn't accomplish much: we're just removing read caps from the descriptor.

Don't bother limiting rights on stdin beyond what caph_limit_stdio()
does.

This revision is now accepted and ready to land.Jan 17 2019, 5:09 PM
This revision was automatically updated to reflect the committed changes.