If fchown(2) is called on an AF_LOCAL or AF_UNIX socket that is not a socket file, the current code calls fhandler_disk_file::fchown in most cases. The latter expects to be operating on a disk file and uses the socket's io_handle, which is not a file handle.
Fix this by calling fhandler_disk_file::fchown only if the fhandler_socket object is a file (determined by testing dev().isfs()).
---
 winsup/cygwin/fhandler_socket_local.cc | 6 +++++-
 winsup/cygwin/fhandler_socket_unix.cc | 8 +++++---
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/winsup/cygwin/fhandler_socket_local.cc b/winsup/cygwin/fhandler_socket_local.cc
index d1faa079a..349ade897 100644
--- a/winsup/cygwin/fhandler_socket_local.cc
+++ b/winsup/cygwin/fhandler_socket_local.cc
@@ -724,8 +724,12 @@ fhandler_socket_local::fchmod (mode_t newmode)
 int
 fhandler_socket_local::fchown (uid_t uid, gid_t gid)
 {
- if (get_sun_path () && get_sun_path ()[0] == '\0')
+ if (!dev ().isfs ())
+ /* fchown called on a socket. */
 return fhandler_socket_wsock::fchown (uid, gid);
+
+ /* chown/lchown on a socket file. [We won't get here if fchown is
+ called on a socket opened w/ O_PATH.] */
 fhandler_disk_file fh (pc);
 return fh.fchown (uid, gid);
 }
diff --git a/winsup/cygwin/fhandler_socket_unix.cc b/winsup/cygwin/fhandler_socket_unix.cc
index e08e9bdd9..573864b9f 100644
--- a/winsup/cygwin/fhandler_socket_unix.cc
+++ b/winsup/cygwin/fhandler_socket_unix.cc
@@ -2395,10 +2395,12 @@ fhandler_socket_unix::fchmod (mode_t newmode)
 int
 fhandler_socket_unix::fchown (uid_t uid, gid_t gid)
 {
- if (sun_path ()
- && (sun_path ()->un_len <= (socklen_t) sizeof (sa_family_t)
- || sun_path ()->un.sun_path[0] == '\0'))
+ if (!dev ().isfs ())
+ /* fchown called on a socket. */
 return fhandler_socket::fchown (uid, gid);
+
+ /* chown/lchown on a socket file. [We won't get here if fchown is
+ called on a socket opened w/ O_PATH.] */
 fhandler_disk_file fh (pc);
 return fh.fchown (uid, gid);
 }
--
2.30.0
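Review bot: The guard added at the top of `fhandler_socket_local::fchown` closes the handle mix-up for fchown only, and the hunk header shows `fhandler_socket_local::fchmod` sitting directly above it, outside the visible lines. If fchmod, or any other method in this file that builds `fhandler_disk_file fh (pc)`, still picks its branch from `get_sun_path ()`, a descriptor for a bound, non-abstract socket could still reach disk-file code with a socket handle. It is worth confirming that those methods use the same `if (!dev ().isfs ())` test, or stating in the commit message that they are handled separately. The same question applies to `fhandler_socket_unix::fchmod` above the second hunk.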
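Review bot: The new `if (!dev ().isfs ())` test in `fhandler_socket_unix::fchown` replaces an address check that also covered unnamed sockets (`sun_path ()->un_len <= (socklen_t) sizeof (sa_family_t)`), so correctness now depends entirely on where the device is assigned, which this hunk does not show. The comment should state that invariant, for example `/* dev () is a filesystem device only for an fhandler created by a path lookup on a socket file; every socket descriptor, bound or not, takes the socket branch. */`, assuming that is what the device setup guarantees. The bracketed O_PATH remark could also name the code that handles that case, since nothing in this function enforces it.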