Index: head/usr.bin/cmp/cmp.c =================================================================== --- head/usr.bin/cmp/cmp.c (revision 305980) +++ head/usr.bin/cmp/cmp.c (revision 305981) @@ -1,192 +1,229 @@ /* * Copyright (c) 1987, 1990, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1987, 1990, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif #if 0 #ifndef lint static char sccsid[] = "@(#)cmp.c 8.3 (Berkeley) 4/2/94"; #endif #endif #include __FBSDID("$FreeBSD$"); +#include #include #include #include #include #include +#include #include #include #include +#include #include #include "extern.h" int lflag, sflag, xflag, zflag; static void usage(void); int main(int argc, char *argv[]) { struct stat sb1, sb2; off_t skip1, skip2; int ch, fd1, fd2, oflag, special; const char *file1, *file2; + cap_rights_t rights; + unsigned long cmd; + uint32_t fcntls; oflag = O_RDONLY; while ((ch = getopt(argc, argv, "hlsxz")) != -1) switch (ch) { case 'h': /* Don't follow symlinks */ oflag |= O_NOFOLLOW; break; case 'l': /* print all differences */ lflag = 1; break; case 's': /* silent run */ sflag = 1; zflag = 1; break; case 'x': /* hex output */ lflag = 1; xflag = 1; break; case 'z': /* compare size first */ zflag = 1; break; case '?': default: usage(); } argv += optind; argc -= optind; if (lflag && sflag) errx(ERR_EXIT, "specifying -s with -l or -x is not permitted"); if (argc < 2 || argc > 4) usage(); /* Backward compatibility -- handle "-" meaning stdin. */ special = 0; if (strcmp(file1 = argv[0], "-") == 0) { special = 1; fd1 = 0; file1 = "stdin"; } else if ((fd1 = open(file1, oflag, 0)) < 0 && errno != EMLINK) { if (!sflag) err(ERR_EXIT, "%s", file1); else exit(ERR_EXIT); } if (strcmp(file2 = argv[1], "-") == 0) { if (special) errx(ERR_EXIT, "standard input may only be specified once"); special = 1; fd2 = 0; file2 = "stdin"; } else if ((fd2 = open(file2, oflag, 0)) < 0 && errno != EMLINK) { if (!sflag) err(ERR_EXIT, "%s", file2); else exit(ERR_EXIT); } skip1 = argc > 2 ? strtol(argv[2], NULL, 0) : 0; skip2 = argc == 4 ? strtol(argv[3], NULL, 0) : 0; if (fd1 == -1) { if (fd2 == -1) { c_link(file1, skip1, file2, skip2); exit(0); } else if (!sflag) errx(ERR_EXIT, "%s: Not a symbolic link", file2); else exit(ERR_EXIT); } else if (fd2 == -1) { if (!sflag) errx(ERR_EXIT, "%s: Not a symbolic link", file1); else exit(ERR_EXIT); } + + cap_rights_init(&rights, CAP_FCNTL, CAP_FSTAT, CAP_MMAP_R); + if (cap_rights_limit(fd1, &rights) < 0 && errno != ENOSYS) + err(ERR_EXIT, "unable to limit rights for %s", file1); + if (cap_rights_limit(fd2, &rights) < 0 && errno != ENOSYS) + err(ERR_EXIT, "unable to limit rights for %s", file2); + + /* Required for fdopen(3). */ + fcntls = CAP_FCNTL_GETFL; + if (cap_fcntls_limit(fd1, fcntls) < 0 && errno != ENOSYS) + err(ERR_EXIT, "unable to limit fcntls for %s", file1); + if (cap_fcntls_limit(fd2, fcntls) < 0 && errno != ENOSYS) + err(ERR_EXIT, "unable to limit fcntls for %s", file2); + + cap_rights_init(&rights, CAP_FSTAT, CAP_WRITE, CAP_IOCTL); + if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS) + err(ERR_EXIT, "unable to limit rights for stdout"); + + /* Required for printf(3) via isatty(3). */ + cmd = TIOCGETA; + if (cap_ioctls_limit(STDOUT_FILENO, &cmd, 1) < 0 && errno != ENOSYS) + err(ERR_EXIT, "unable to limit ioctls for stdout"); + + /* + * Cache NLS data, for strerror, for err(3), before entering capability + * mode. + */ + (void)catopen("libc", NL_CAT_LOCALE); + + if (cap_enter() < 0 && errno != ENOSYS) + err(ERR_EXIT, "unable to enter capability mode"); if (!special) { if (fstat(fd1, &sb1)) { if (!sflag) err(ERR_EXIT, "%s", file1); else exit(ERR_EXIT); } if (!S_ISREG(sb1.st_mode)) special = 1; else { if (fstat(fd2, &sb2)) { if (!sflag) err(ERR_EXIT, "%s", file2); else exit(ERR_EXIT); } if (!S_ISREG(sb2.st_mode)) special = 1; } } if (special) c_special(fd1, file1, skip1, fd2, file2, skip2); else { if (zflag && sb1.st_size != sb2.st_size) { if (!sflag) (void) printf("%s %s differ: size\n", file1, file2); exit(DIFF_EXIT); } c_regular(fd1, file1, skip1, sb1.st_size, fd2, file2, skip2, sb2.st_size); } exit(0); } static void usage(void) { (void)fprintf(stderr, "usage: cmp [-l | -s | -x] [-hz] file1 file2 [skip1 [skip2]]\n"); exit(ERR_EXIT); }