From fd63140e1c79369e6d1e90bf1849569e1477f4ec Mon Sep 17 00:00:00 2001 From: Nick Terrell Date: Fri, 5 Jan 2018 11:44:25 -0800 Subject: [PATCH 1/3] [util] Refuse to set file stat on non-regular file --- programs/util.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/programs/util.h b/programs/util.h index af1fa7fc..4f22236a 100644 --- a/programs/util.h +++ b/programs/util.h @@ -246,11 +246,17 @@ UTIL_STATIC void UTIL_waitForNextTick(void) #endif +UTIL_STATIC int UTIL_isRegularFile(const char* infilename); + + UTIL_STATIC int UTIL_setFileStat(const char *filename, stat_t *statbuf) { int res = 0; struct utimbuf timebuf; + if (!UTIL_isRegularFile(filename)) + return -1; + timebuf.actime = time(NULL); timebuf.modtime = statbuf->st_mtime; res += utime(filename, &timebuf); /* set access and modification times */ From 282ad05e0a4214e429682062716ccd9ad5bafc23 Mon Sep 17 00:00:00 2001 From: Nick Terrell Date: Fri, 5 Jan 2018 11:44:45 -0800 Subject: [PATCH 2/3] [fileio] Use FIO_remove() everywhere for safety --- programs/fileio.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/programs/fileio.c b/programs/fileio.c index f9c9087b..71b87d4d 100644 --- a/programs/fileio.c +++ b/programs/fileio.c @@ -139,7 +139,10 @@ static void INThandler(int sig) #if !defined(_MSC_VER) signal(sig, SIG_IGN); /* this invocation generates a buggy warning in Visual Studio */ #endif - if (g_artefact) remove(g_artefact); + if (g_artefact) { + assert(UTIL_isRegularFile(g_artefact)); + remove(g_artefact); + } DISPLAY("\n"); exit(2); } @@ -861,7 +864,7 @@ static int FIO_compressFilename_srcFile(cRess_t ress, * delete both the source and destination files. */ clearHandler(); - if (remove(srcFileName)) + if (FIO_remove(srcFileName)) EXM_THROW(1, "zstd: %s: %s", srcFileName, strerror(errno)); } return result; @@ -899,10 +902,12 @@ static int FIO_compressFilename_dstFile(cRess_t ress, result=1; } if (result!=0) { /* remove operation artefact */ - if (remove(dstFileName)) + if (FIO_remove(dstFileName)) EXM_THROW(1, "zstd: %s: %s", dstFileName, strerror(errno)); } - else if (strcmp (dstFileName, stdoutmark) && stat_result) + else if ( strcmp(dstFileName, stdoutmark) + && strcmp(dstFileName, nulmark) + && stat_result) UTIL_setFileStat(dstFileName, &statbuf); return result; @@ -1575,7 +1580,7 @@ static int FIO_decompressSrcFile(dRess_t ress, const char* dstFileName, const ch * delete both the source and destination files. */ clearHandler(); - if (remove(srcFileName)) { + if (FIO_remove(srcFileName)) { /* failed to remove src file */ DISPLAYLEVEL(1, "zstd: %s: %s \n", srcFileName, strerror(errno)); return 1; @@ -1618,7 +1623,7 @@ static int FIO_decompressDstFile(dRess_t ress, if ( (result != 0) /* operation failure */ && strcmp(dstFileName, nulmark) /* special case : don't remove() /dev/null (#316) */ && strcmp(dstFileName, stdoutmark) ) /* special case : don't remove() stdout */ - remove(dstFileName); /* remove decompression artefact; note don't do anything special if remove() fails */ + FIO_remove(dstFileName); /* remove decompression artefact; note don't do anything special if remove() fails */ else { /* operation success */ if ( strcmp(dstFileName, stdoutmark) /* special case : don't chmod stdout */ && strcmp(dstFileName, nulmark) /* special case : don't chmod /dev/null */ From ed9611dc62bb1376012d229b0e6f7f974f5266db Mon Sep 17 00:00:00 2001 From: Nick Terrell Date: Fri, 5 Jan 2018 11:49:55 -0800 Subject: [PATCH 3/3] [fileio] Don't call FIO_remove() on stdout or /dev/null --- programs/fileio.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/programs/fileio.c b/programs/fileio.c index 71b87d4d..887cbeb3 100644 --- a/programs/fileio.c +++ b/programs/fileio.c @@ -901,10 +901,10 @@ static int FIO_compressFilename_dstFile(cRess_t ress, DISPLAYLEVEL(1, "zstd: %s: %s \n", dstFileName, strerror(errno)); result=1; } - if (result!=0) { /* remove operation artefact */ - if (FIO_remove(dstFileName)) - EXM_THROW(1, "zstd: %s: %s", dstFileName, strerror(errno)); - } + if ( (result != 0) /* operation failure */ + && strcmp(dstFileName, nulmark) /* special case : don't remove() /dev/null */ + && strcmp(dstFileName, stdoutmark) ) /* special case : don't remove() stdout */ + FIO_remove(dstFileName); /* remove compression artefact; note don't do anything special if remove() fails */ else if ( strcmp(dstFileName, stdoutmark) && strcmp(dstFileName, nulmark) && stat_result)