Page MenuHomeFreeBSD
Files F107935358

D19216.diff
No OneTemporary
Actions

D19216.diff
View Options

Index: head/usr.bin/cmp/cmp.c
===================================================================
--- head/usr.bin/cmp/cmp.c
+++ head/usr.bin/cmp/cmp.c
@@ -45,7 +45,6 @@
__FBSDID("$FreeBSD$");
#include <sys/types.h>
-#include <sys/capsicum.h>
#include <sys/stat.h>
#include <capsicum_helpers.h>
@@ -80,8 +79,6 @@
off_t skip1, skip2;
int ch, fd1, fd2, oflag, special;
const char *file1, *file2;
- cap_rights_t rights;
- uint32_t fcntls;
oflag = O_RDONLY;
while ((ch = getopt_long(argc, argv, "+hlsxz", long_opts, NULL)) != -1)
@@ -116,14 +113,19 @@
if (argc < 2 || argc > 4)
usage();
+ /* Don't limit rights on stdin since it may be one of the inputs. */
+ if (caph_limit_stream(STDOUT_FILENO, CAPH_WRITE | CAPH_IGNORE_EBADF))
+ err(ERR_EXIT, "unable to limit rights on stdout");
+ if (caph_limit_stream(STDERR_FILENO, CAPH_WRITE | CAPH_IGNORE_EBADF))
+ err(ERR_EXIT, "unable to limit rights on stderr");
+
/* Backward compatibility -- handle "-" meaning stdin. */
special = 0;
if (strcmp(file1 = argv[0], "-") == 0) {
special = 1;
- fd1 = 0;
+ fd1 = STDIN_FILENO;
file1 = "stdin";
- }
- else if ((fd1 = open(file1, oflag, 0)) < 0 && errno != EMLINK) {
+ } else if ((fd1 = open(file1, oflag, 0)) < 0 && errno != EMLINK) {
if (!sflag)
err(ERR_EXIT, "%s", file1);
else
@@ -134,10 +136,9 @@
errx(ERR_EXIT,
"standard input may only be specified once");
special = 1;
- fd2 = 0;
+ fd2 = STDIN_FILENO;
file2 = "stdin";
- }
- else if ((fd2 = open(file2, oflag, 0)) < 0 && errno != EMLINK) {
+ } else if ((fd2 = open(file2, oflag, 0)) < 0 && errno != EMLINK) {
if (!sflag)
err(ERR_EXIT, "%s", file2);
else
@@ -162,33 +163,8 @@
exit(ERR_EXIT);
}
- cap_rights_init(&rights, CAP_FCNTL, CAP_FSTAT, CAP_MMAP_R);
- if (caph_rights_limit(fd1, &rights) < 0)
- err(ERR_EXIT, "unable to limit rights for %s", file1);
- if (caph_rights_limit(fd2, &rights) < 0)
- err(ERR_EXIT, "unable to limit rights for %s", file2);
-
- /* Required for fdopen(3). */
- fcntls = CAP_FCNTL_GETFL;
- if (caph_fcntls_limit(fd1, fcntls) < 0)
- err(ERR_EXIT, "unable to limit fcntls for %s", file1);
- if (caph_fcntls_limit(fd2, fcntls) < 0)
- err(ERR_EXIT, "unable to limit fcntls for %s", file2);
-
- if (!special) {
- cap_rights_init(&rights);
- if (caph_rights_limit(STDIN_FILENO, &rights) < 0) {
- err(ERR_EXIT, "unable to limit stdio");
- }
- }
-
- if (caph_limit_stdout() == -1 || caph_limit_stderr() == -1)
- err(ERR_EXIT, "unable to limit stdio");
-
+ /* FD rights are limited in c_special() and c_regular(). */
caph_cache_catpages();
-
- if (caph_enter() < 0)
- err(ERR_EXIT, "unable to enter capability mode");
if (!special) {
if (fstat(fd1, &sb1)) {
Index: head/usr.bin/cmp/regular.c
===================================================================
--- head/usr.bin/cmp/regular.c
+++ head/usr.bin/cmp/regular.c
@@ -42,6 +42,7 @@
#include <sys/mman.h>
#include <sys/stat.h>
+#include <capsicum_helpers.h>
#include <err.h>
#include <limits.h>
#include <signal.h>
@@ -61,12 +62,13 @@
c_regular(int fd1, const char *file1, off_t skip1, off_t len1,
int fd2, const char *file2, off_t skip2, off_t len2)
{
+ struct sigaction act, oact;
+ cap_rights_t rights;
u_char ch, *p1, *p2, *m1, *m2, *e1, *e2;
off_t byte, length, line;
- int dfound;
off_t pagemask, off1, off2;
size_t pagesize;
- struct sigaction act, oact;
+ int dfound;
if (skip1 > len1)
eofmsg(file1);
@@ -78,12 +80,6 @@
if (sflag && len1 != len2)
exit(DIFF_EXIT);
- sigemptyset(&act.sa_mask);
- act.sa_flags = SA_NODEFER;
- act.sa_handler = segv_handler;
- if (sigaction(SIGSEGV, &act, &oact))
- err(ERR_EXIT, "sigaction()");
-
pagesize = getpagesize();
pagemask = (off_t)pagesize - 1;
off1 = ROUNDPAGE(skip1);
@@ -101,6 +97,19 @@
c_special(fd1, file1, skip1, fd2, file2, skip2);
return;
}
+
+ if (caph_rights_limit(fd1, cap_rights_init(&rights, CAP_MMAP_R)) < 0)
+ err(1, "unable to limit rights for %s", file1);
+ if (caph_rights_limit(fd2, cap_rights_init(&rights, CAP_MMAP_R)) < 0)
+ err(1, "unable to limit rights for %s", file2);
+ if (caph_enter() < 0)
+ err(ERR_EXIT, "unable to enter capability mode");
+
+ sigemptyset(&act.sa_mask);
+ act.sa_flags = SA_NODEFER;
+ act.sa_handler = segv_handler;
+ if (sigaction(SIGSEGV, &act, &oact))
+ err(ERR_EXIT, "sigaction()");
dfound = 0;
e1 = m1 + MMAP_CHUNK;
Index: head/usr.bin/cmp/special.c
===================================================================
--- head/usr.bin/cmp/special.c
+++ head/usr.bin/cmp/special.c
@@ -40,6 +40,7 @@
#include <sys/types.h>
+#include <capsicum_helpers.h>
#include <err.h>
#include <stdlib.h>
#include <stdio.h>
@@ -54,6 +55,13 @@
off_t byte, line;
FILE *fp1, *fp2;
int dfound;
+
+ if (caph_limit_stream(fd1, CAPH_READ) < 0)
+ err(ERR_EXIT, "caph_limit_stream(%s)", file1);
+ if (caph_limit_stream(fd2, CAPH_READ) < 0)
+ err(ERR_EXIT, "caph_limit_stream(%s)", file2);
+ if (caph_enter() < 0)
+ err(ERR_EXIT, "unable to enter capability mode");
if ((fp1 = fdopen(fd1, "r")) == NULL)
err(ERR_EXIT, "%s", file1);
Index: head/usr.bin/cmp/tests/cmp_test2.sh
===================================================================
--- head/usr.bin/cmp/tests/cmp_test2.sh
+++ head/usr.bin/cmp/tests/cmp_test2.sh
@@ -35,6 +35,8 @@
atf_check -s exit:0 -o empty -e empty -x "cat a | cmp - a"
atf_check -s exit:1 -o not-empty -e empty -x "cat b | cmp a -"
atf_check -s exit:1 -o not-empty -e empty -x "cat b | cmp - a"
+
+ atf_check -s exit:0 -o empty -e empty -x "cmp a a <&-"
}
atf_test_case symlink

File Metadata

Mime Type
text/plain
Expires
Mon, Jan 20, 4:52 PM (21 h, 5 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15979891
Default Alt Text
D19216.diff (5 KB)

Event Timeline