Module Name: src
Committed By: sborrill
Date: Fri Jun 15 09:04:35 UTC 2012
Modified Files:
src/bin/rm [netbsd-4]: rm.c
Log Message:
Pull up the following revisions(s) (requested by dholland in ticket #1451):
bin/rm/rm.c: revision 1.52
Rectify race condition in rm -P processing by checking that the file
we opened is the one we expected to get. Also use O_NOFOLLOW to help
avoid even opening devices, which sometimes produce side effects.
To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.45.2.1 src/bin/rm/rm.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/bin/rm/rm.c
diff -u src/bin/rm/rm.c:1.45 src/bin/rm/rm.c:1.45.2.1
--- src/bin/rm/rm.c:1.45 Fri Aug 25 11:00:40 2006
+++ src/bin/rm/rm.c Fri Jun 15 09:04:35 2012
@@ -1,4 +1,4 @@
-/* $NetBSD: rm.c,v 1.45 2006/08/25 11:00:40 liamjfoy Exp $ */
+/* $NetBSD: rm.c,v 1.45.2.1 2012/06/15 09:04:35 sborrill Exp $ */
/*-
* Copyright (c) 1990, 1993, 1994, 2003
@@ -39,7 +39,7 @@ __COPYRIGHT("@(#) Copyright (c) 1990, 19
#if 0
static char sccsid[] = "@(#)rm.c 8.8 (Berkeley) 4/27/95";
#else
-__RCSID("$NetBSD: rm.c,v 1.45 2006/08/25 11:00:40 liamjfoy Exp $");
+__RCSID("$NetBSD: rm.c,v 1.45.2.1 2012/06/15 09:04:35 sborrill Exp $");
#endif
#endif /* not lint */
@@ -372,7 +372,7 @@ rm_file(char **argv)
int
rm_overwrite(char *file, struct stat *sbp)
{
- struct stat sb;
+ struct stat sb, sb2;
int fd, randint;
char randchar;
@@ -386,8 +386,18 @@ rm_overwrite(char *file, struct stat *sb
return 0;
/* flags to try to defeat hidden caching by forcing seeks */
- if ((fd = open(file, O_RDWR|O_SYNC|O_RSYNC, 0)) == -1)
+ if ((fd = open(file, O_RDWR|O_SYNC|O_RSYNC|O_NOFOLLOW, 0)) == -1)
+ goto err;
+
+ if (fstat(fd, &sb2)) {
goto err;
+ }
+
+ if (sb2.st_dev != sbp->st_dev || sb2.st_ino != sbp->st_ino ||
+ !S_ISREG(sb2.st_mode)) {
+ errno = EPERM;
+ goto err;
+ }
#define RAND_BYTES 1
#define THIS_BYTE 0
