On Wed, Oct 25, 2023 at 07:00:28PM +0200, Omar Polo wrote:
> On 2023/10/25 13:38:37 +0200, Alexander Bluhm <[email protected]> wrote:
> > @@ -213,11 +214,27 @@ main(int argc, char *argv[])
> > perror("unveil");
> > my_exit(2);
> > }
> > - if (filearg[0] != NULL)
> > + if (filearg[0] != NULL) {
> > + char *origdir;
> > +
> > if (unveil(filearg[0], "rwc") == -1) {
> > perror("unveil");
> > my_exit(2);
> > }
> > + if ((origdir = dirname(filearg[0])) == NULL) {
>
> Not sure if we're interested in it, but dirname(3) theoretically alters
> the passed string. Our dirname doesn't do it, but per POSIX it can,
> IIUC. This could cause issues since filearg[0] is used later.
>
> If we care about portability here, we should pass a copy to dirname.
> Don't know if we care though.
unveil(2) is not portable code anyway. And dirname(3) is only used
for that.
> > + perror("dirname");
> > + my_exit(2);
> > + }
> > + if (unveil(origdir, "rwc") == -1) {
> > + perror("unveil");
> > + my_exit(2);
> > + }
> > + } else {
> > + if (unveil(".", "rwc") == -1) {
> > + perror("unveil");
> > + my_exit(2);
> > + }
> > + }
> > if (filearg[1] != NULL)
> > if (unveil(filearg[1], "r") == -1) {
> > perror("unveil");
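Review bot: the two new directory-wide grants, unveil(origdir, "rwc") on dirname(filearg[0]) and unveil(".", "rwc") in the else branch, widen the view from a single file to a whole directory with write and create rights, and nothing in the hunk says why. Please add a short comment above each stating what patch needs to create there. Once the parent directory is unveiled with "rwc", the preceding unveil(filearg[0], "rwc") in the same block also appears redundant, since an unveiled directory covers the files beneath it with the same permissions; either drop the file-level call or note why it is kept.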