D7644.id19690.diff
Index: usr.bin/bsdiff/bspatch/bspatch.c
===================================================================
--- usr.bin/bsdiff/bspatch/bspatch.c
+++ usr.bin/bsdiff/bspatch/bspatch.c
@@ -42,6 +42,7 @@
#include <err.h>
#include <errno.h>
#include <fcntl.h>
+#include <libgen.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
@@ -52,6 +53,18 @@
#define O_BINARY 0
#endif
+static char *newfile;
+static int dirfd = -1;
+
+static void
+exit_cleanup(void)
+{
+
+ if (dirfd != -1 && newfile != NULL)
+ if (unlinkat(dirfd, newfile, 0))
+ warn("unlinkat");
+}
+
static off_t offtin(u_char *buf)
{
off_t y;
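Review bot: exit_cleanup() is only reached through exit(), so a run ended by a signal still leaves the truncated output file behind; no signal handling is visible in these hunks. If that is the intended scope, say so above the function, for example `/* Remove the incomplete output file on exit(); not run on signal termination. main() sets newfile to NULL once the file is complete. */`. The nested `if` without braces would also read more safely as one condition, `if (dirfd != -1 && newfile != NULL && unlinkat(dirfd, newfile, 0) != 0)`.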
@@ -83,6 +96,7 @@
{
FILE *f, *cpf, *dpf, *epf;
BZFILE *cpfbz2, *dpfbz2, *epfbz2;
+ char *directory, *namebuf;
int cbz2err, dbz2err, ebz2err;
int newfd, oldfd;
off_t oldsize, newsize;
@@ -94,7 +108,7 @@
off_t lenread;
off_t i;
#ifdef HAVE_CAPSICUM
- cap_rights_t rights_ro, rights_wr;
+ cap_rights_t rights_dir, rights_ro, rights_wr;
#endif
if (argc != 4)
@@ -115,10 +129,19 @@
/* open oldfile */
if ((oldfd = open(argv[1], O_RDONLY | O_BINARY, 0)) < 0)
err(1, "open(%s)", argv[1]);
+ /* open directory where we'll write newfile */
+ namebuf = strdup(argv[2]);
+ directory = dirname(namebuf);
+ if (directory == NULL || (dirfd = open(directory, O_DIRECTORY)) < 0)
+ err(1, "open %s", namebuf);
+ free(namebuf);
+ if ((newfile = basename(argv[2])) == NULL)
+ err(1, "basename");
/* open newfile */
if ((newfd = open(argv[2], O_CREAT | O_TRUNC | O_WRONLY | O_BINARY,
0666)) < 0)
err(1, "open(%s)", argv[2]);
+ atexit(exit_cleanup);
#ifdef HAVE_CAPSICUM
if (cap_enter() < 0) {
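Review bot: The output file is still created with `open(argv[2], ...)` while the cleanup later removes `newfile` relative to `dirfd`, so the path is resolved twice and the handler can unlink an entry in a different directory than the one the file was created in if a path component changes in between. Creating the file with `openat(dirfd, newfile, ...)` ties both operations to the same directory. Separately, `strdup()` is not checked: POSIX dirname(NULL) returns ".", so an allocation failure would silently point `dirfd` at the current directory. POSIX also lets basename() modify its argument or return static storage, and `newfile` is kept until exit while `argv[2]` is reused, so a private copy would be safer. main() starts and ends outside this hunk.

```c
	/* open directory where we'll write newfile */
	if ((namebuf = strdup(argv[2])) == NULL)
		err(1, "strdup");
	directory = dirname(namebuf);
	if (directory == NULL || (dirfd = open(directory, O_DIRECTORY)) < 0)
		err(1, "open %s", argv[2]);
	free(namebuf);
	/* … unchanged: basename(argv[2]) into newfile … */
	/* open newfile relative to dirfd, the directory the cleanup uses */
	if ((newfd = openat(dirfd, newfile,
	    O_CREAT | O_TRUNC | O_WRONLY | O_BINARY, 0666)) < 0)
		err(1, "open(%s)", argv[2]);
```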
@@ -129,13 +152,15 @@
/* Capsicum Available */
cap_rights_init(&rights_ro, CAP_READ, CAP_FSTAT, CAP_SEEK);
cap_rights_init(&rights_wr, CAP_WRITE);
-
+ cap_rights_init(&rights_dir, CAP_UNLINKAT);
+
if (cap_rights_limit(fileno(f), &rights_ro) < 0 ||
cap_rights_limit(fileno(cpf), &rights_ro) < 0 ||
cap_rights_limit(fileno(dpf), &rights_ro) < 0 ||
cap_rights_limit(fileno(epf), &rights_ro) < 0 ||
cap_rights_limit(oldfd, &rights_ro) < 0 ||
- cap_rights_limit(newfd, &rights_wr) < 0)
+ cap_rights_limit(newfd, &rights_wr) < 0 ||
+ cap_rights_limit(dirfd, &rights_dir) < 0)
err(1, "cap_rights_limit() failed, could not restrict"
" capabilities");
}
@@ -265,6 +290,8 @@
/* Write the new file */
if (write(newfd, new, newsize) != newsize || close(newfd) == -1)
err(1, "%s", argv[2]);
+ /* Disable atexit cleanup */
+ newfile = NULL;
free(new);
free(old);
D7644: bspatch: clean up output file in the case of error