aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOmar Polo <op@omarpolo.com>2021-07-27 09:21:42 +0000
committerOmar Polo <op@omarpolo.com>2021-07-27 09:21:42 +0000
commitefb48052dcb6788001e7cce089c2b2f375d927c5 (patch)
tree2af8d5f4f05c8fd48a368ec39d57a729a9f5d226
parenta8e1e8d73853b4373ae4554be976bf827cb2dc81 (diff)
relax openat rule: follow symlinks
O_NOFOLLOW acts only on *the last component*, so on open("/foo/bar/baz") only when baz is a symlink open fails. Checking every path component is not viable. gh issue #5 related (sort of)
-rw-r--r--server.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/server.c b/server.c
index 905ca0f..18fdb6e 100644
--- a/server.c
+++ b/server.c
@@ -310,7 +310,7 @@ check_path(struct client *c, const char *path, int *fd)
{
struct stat sb;
const char *p;
- int flags, dirfd, strip;
+ int dirfd, strip;
assert(path != NULL);
@@ -332,8 +332,7 @@ check_path(struct client *c, const char *path, int *fd)
dirfd = vhost_dirfd(c->host, path, &c->loc);
log_debug(c, "check_path: strip=%d path=%s original=%s",
strip, p, path);
- flags = O_RDONLY | O_NOFOLLOW;
- if (*fd == -1 && (*fd = openat(dirfd, p, flags)) == -1)
+ if (*fd == -1 && (*fd = openat(dirfd, p, O_RDONLY)) == -1)
return FILE_MISSING;
if (fstat(*fd, &sb) == -1) {