Re: Pledge failure in disklabel(8)
On Sat, May 28, 2016 at 10:02:27AM -0600, Theo de Raadt wrote:
> fstat will not help: disklabel /dev/tty
>
Ok, apply against current and this does help.
I've moved the readlabel() call before the pledge.
ok?
Index: disklabel.c
===
RCS file: /cvs/src/sbin/disklabel/disklabel.c,v
retrieving revision 1.216
diff -u -p -u -p -B -r1.216 disklabel.c
--- disklabel.c 28 May 2016 16:00:19 - 1.216
+++ disklabel.c 28 May 2016 16:29:20 -
@@ -198,6 +198,7 @@ main(int argc, char *argv[])
);
if (f < 0)
err(4, "%s", specname);
+ readlabel(f);
if (op == EDIT || op == EDITOR || aflag) {
if (pledge("stdio rpath wpath cpath disklabel proc exec", NULL)
== -1)
@@ -221,19 +222,16 @@ main(int argc, char *argv[])
case EDIT:
if (argc != 1)
usage();
- readlabel(f);
error = edit(, f);
break;
case EDITOR:
if (argc != 1)
usage();
- readlabel(f);
error = editor(f);
break;
case READ:
if (argc != 1)
usage();
- readlabel(f);
if (pledge("stdio", NULL) == -1)
err(1, "pledge");
@@ -247,7 +245,6 @@ main(int argc, char *argv[])
case RESTORE:
if (argc < 2 || argc > 3)
usage();
- readlabel(f);
if (!(t = fopen(argv[1], "r")))
err(4, "%s", argv[1]);
error = getasciilabel(t, );
@@ -263,9 +260,7 @@ main(int argc, char *argv[])
fclose(t);
break;
case WRITE:
- if (dflag || aflag) {
- readlabel(f);
- } else if (argc < 2 || argc > 3)
+ if ((!(dflag || aflag)) && (argc < 2 || argc > 3))
usage();
else
makelabel(argv[1], argc == 3 ? argv[2] : NULL, );
Re: Pledge failure in disklabel(8)
fstat will not help: disklabel /dev/tty
Re: Pledge failure in disklabel(8)
Oops, I did not check the return value of fstat. Good catch.
But when I tested my change without yours, disklabel did not abort. Why
then does opendev need to occur before the pledge? Is there another
usage of disklabel that causes a different failure pattern?
On 05/28/2016 11:31 AM, Theo de Raadt wrote:
If you try to run disklabel(8) on a file that is not a device, it aborts
aborts for want of pledge("ioctl"). This diff prints an error message
and exits cleanly. I return exit code 1 but note that sometimes
disklabel returns 4; the man page doesn't explain the distinction
anywhere.
$ disklabel /
Abort trap (core dumped)
$ obj/disklabel /
disklabel: / is not a device
Indeed your diff is also needed on top of mine. Let's try this.
Re: Pledge failure in disklabel(8)
> If you try to run disklabel(8) on a file that is not a device, it aborts
> aborts for want of pledge("ioctl"). This diff prints an error message
> and exits cleanly. I return exit code 1 but note that sometimes
> disklabel returns 4; the man page doesn't explain the distinction
> anywhere.
>
> $ disklabel /
> Abort trap (core dumped)
> $ obj/disklabel /
> disklabel: / is not a device
Indeed your diff is also needed on top of mine. Let's try this.
Index: disklabel.c
===
RCS file: /cvs/src/sbin/disklabel/disklabel.c,v
retrieving revision 1.214
diff -u -p -u -r1.214 disklabel.c
--- disklabel.c 25 Nov 2015 17:17:38 - 1.214
+++ disklabel.c 28 May 2016 15:30:27 -
@@ -119,6 +119,7 @@ main(int argc, char *argv[])
int ch, f, error = 0;
FILE *t;
char *autotable = NULL;
+ struct stat st;
getphysmem();
@@ -191,14 +192,6 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
- if (op == EDIT || op == EDITOR || aflag) {
- if (pledge("stdio rpath wpath cpath disklabel proc exec", NULL)
== -1)
- err(1, "pledge");
- } else {
- if (pledge("stdio rpath wpath disklabel", NULL) == -1)
- err(1, "pledge");
- }
-
if (op == UNSPEC)
op = READ;
@@ -211,6 +204,18 @@ main(int argc, char *argv[])
);
if (f < 0)
err(4, "%s", specname);
+ if (fstat(f, ) == -1)
+ errx(1, "fstat");
+ if (!S_ISBLK(st.st_mode) && !S_ISCHR(st.st_mode))
+ errx(1, "%s is not a device", dkname);
+
+ if (op == EDIT || op == EDITOR || aflag) {
+ if (pledge("stdio rpath wpath cpath disklabel proc exec", NULL)
== -1)
+ err(1, "pledge");
+ } else {
+ if (pledge("stdio rpath wpath disklabel", NULL) == -1)
+ err(1, "pledge");
+ }
if (autotable != NULL)
parse_autotable(autotable);
Re: Pledge failure in disklabel(8)
On Sat, May 28, 2016 at 09:27:09AM -0600, Theo de Raadt wrote:
> > If you try to run disklabel(8) on a file that is not a device, it aborts
> > aborts for want of pledge("ioctl"). This diff prints an error message
> > and exits cleanly. I return exit code 1 but note that sometimes
> > disklabel returns 4; the man page doesn't explain the distinction
> > anywhere.
> >
> > $ disklabel /
> > Abort trap (core dumped)
> > $ obj/disklabel /
> > disklabel: / is not a device
>
> Surprisingly, your fix won't help. The problem is that opendev() is
> after pledge.
>
> That is incorrect. The pledge should occur after opendev.
Try this instead
Index: disklabel.c
===
RCS file: /cvs/src/sbin/disklabel/disklabel.c,v
retrieving revision 1.214
diff -u -p -u -p -r1.214 disklabel.c
--- disklabel.c 25 Nov 2015 17:17:38 - 1.214
+++ disklabel.c 28 May 2016 15:32:11 -
@@ -191,6 +191,12 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
+ dkname = argv[0];
+ f = opendev(dkname, (op == READ ? O_RDONLY : O_RDWR), OPENDEV_PART,
+ );
+ if (f < 0)
+ err(4, "%s", specname);
+
if (op == EDIT || op == EDITOR || aflag) {
if (pledge("stdio rpath wpath cpath disklabel proc exec", NULL)
== -1)
err(1, "pledge");
@@ -205,12 +211,6 @@ main(int argc, char *argv[])
if (argc < 1 || (fstabfile && !(op == EDITOR || op == RESTORE ||
aflag)))
usage();
-
- dkname = argv[0];
- f = opendev(dkname, (op == READ ? O_RDONLY : O_RDWR), OPENDEV_PART,
- );
- if (f < 0)
- err(4, "%s", specname);
if (autotable != NULL)
parse_autotable(autotable);
Re: Pledge failure in disklabel(8)
> If you try to run disklabel(8) on a file that is not a device, it aborts
> aborts for want of pledge("ioctl"). This diff prints an error message
> and exits cleanly. I return exit code 1 but note that sometimes
> disklabel returns 4; the man page doesn't explain the distinction
> anywhere.
>
> $ disklabel /
> Abort trap (core dumped)
> $ obj/disklabel /
> disklabel: / is not a device
Surprisingly, your fix won't help. The problem is that opendev() is
after pledge.
That is incorrect. The pledge should occur after opendev.
> Index: disklabel.c
> ===
> RCS file: /cvs/src/sbin/disklabel/disklabel.c,v
> retrieving revision 1.214
> diff -u -p -r1.214 disklabel.c
> --- disklabel.c 25 Nov 2015 17:17:38 - 1.214
> +++ disklabel.c 27 May 2016 15:13:25 -
> @@ -119,6 +119,7 @@ main(int argc, char *argv[])
> int ch, f, error = 0;
> FILE *t;
> char *autotable = NULL;
> + struct stat sb;
>
> getphysmem();
>
> @@ -211,6 +212,9 @@ main(int argc, char *argv[])
> );
> if (f < 0)
> err(4, "%s", specname);
> + fstat(f, );
> + if (!S_ISBLK(sb.st_mode) && !S_ISCHR(sb.st_mode))
> + errx(1, "%s is not a device", dkname);
>
> if (autotable != NULL)
> parse_autotable(autotable);
>
Pledge failure in disklabel(8)
If you try to run disklabel(8) on a file that is not a device, it aborts
aborts for want of pledge("ioctl"). This diff prints an error message
and exits cleanly. I return exit code 1 but note that sometimes
disklabel returns 4; the man page doesn't explain the distinction
anywhere.
$ disklabel /
Abort trap (core dumped)
$ obj/disklabel /
disklabel: / is not a device
Index: disklabel.c
===
RCS file: /cvs/src/sbin/disklabel/disklabel.c,v
retrieving revision 1.214
diff -u -p -r1.214 disklabel.c
--- disklabel.c 25 Nov 2015 17:17:38 - 1.214
+++ disklabel.c 27 May 2016 15:13:25 -
@@ -119,6 +119,7 @@ main(int argc, char *argv[])
int ch, f, error = 0;
FILE *t;
char *autotable = NULL;
+ struct stat sb;
getphysmem();
@@ -211,6 +212,9 @@ main(int argc, char *argv[])
);
if (f < 0)
err(4, "%s", specname);
+ fstat(f, );
+ if (!S_ISBLK(sb.st_mode) && !S_ISCHR(sb.st_mode))
+ errx(1, "%s is not a device", dkname);
if (autotable != NULL)
parse_autotable(autotable);
