unpack: don't chdir use dirfd, cleanup permissions

- don't chdir into root directory, use dirfd instead
 - make sure we don't dereference symlinks when chaning permissions
   (using appropriate AT_* flag)

Signed-off-by: David Oberhollenzer <goliath@infraroot.at>
This commit is contained in:
David Oberhollenzer 2019-01-30 11:27:32 +01:00
parent 04f19bac2f
commit 3a4f19d1c5
3 changed files with 38 additions and 32 deletions

View File

@ -1,12 +1,12 @@
#include "unpack.h"
int create_hierarchy(image_entry_t *list)
int create_hierarchy(int dirfd, image_entry_t *list)
{
image_entry_t *ent;
for (ent = list; ent != NULL; ent = ent->next) {
if (S_ISDIR(ent->mode)) {
if (mkdir(ent->name, 0755)) {
if (mkdirat(dirfd, ent->name, 0755)) {
perror(ent->name);
return -1;
}
@ -15,7 +15,8 @@ int create_hierarchy(image_entry_t *list)
for (ent = list; ent != NULL; ent = ent->next) {
if (S_ISLNK(ent->mode)) {
if (symlink(ent->data.symlink.target, ent->name)) {
if (symlinkat(ent->data.symlink.target,
dirfd, ent->name)) {
perror(ent->name);
return -1;
}

View File

@ -10,19 +10,6 @@ static const struct option long_opts[] = {
static const char *short_opts = "r:om";
static int set_root(const char *path)
{
if (mkdir_p(path))
return -1;
if (chdir(path)) {
fprintf(stderr, "cd %s: %s\n", path, strerror(errno));
return -1;
}
return 0;
}
static image_entry_t *get_file_entry(image_entry_t *list, uint32_t id)
{
while (list != NULL) {
@ -35,7 +22,7 @@ static image_entry_t *get_file_entry(image_entry_t *list, uint32_t id)
return NULL;
}
static int unpack_files(image_entry_t *list, pkg_reader_t *rd)
static int unpack_files(int dirfd, image_entry_t *list, pkg_reader_t *rd)
{
uint8_t buffer[2048];
image_entry_t *meta;
@ -64,7 +51,8 @@ static int unpack_files(image_entry_t *list, pkg_reader_t *rd)
return -1;
}
fd = open(meta->name, O_WRONLY | O_CREAT | O_EXCL, 0644);
fd = openat(dirfd, meta->name, O_WRONLY | O_CREAT | O_EXCL,
0644);
if (fd < 0) {
perror(meta->name);
return -1;
@ -110,7 +98,7 @@ fail_trunc:
return -1;
}
static int change_permissions(image_entry_t *list, int flags)
static int change_permissions(int dirfd, image_entry_t *list, int flags)
{
while (list != NULL) {
if (S_ISLNK(list->mode)) {
@ -118,8 +106,9 @@ static int change_permissions(image_entry_t *list, int flags)
continue;
}
if (!(flags & FLAG_NO_CHMOD)) {
if (chmod(list->name, list->mode)) {
if (!(flags & FLAG_NO_CHMOD) && !S_ISLNK(list->mode)) {
if (fchmodat(dirfd, list->name,
list->mode & 07777, 0)) {
fprintf(stderr, "%s: chmod: %s\n", list->name,
strerror(errno));
return -1;
@ -127,7 +116,8 @@ static int change_permissions(image_entry_t *list, int flags)
}
if (!(flags & FLAG_NO_CHOWN)) {
if (chown(list->name, list->uid, list->gid)) {
if (fchownat(dirfd, list->name, list->uid, list->gid,
AT_SYMLINK_NOFOLLOW)) {
fprintf(stderr, "%s: chown: %s\n", list->name,
strerror(errno));
return -1;
@ -143,8 +133,8 @@ static int change_permissions(image_entry_t *list, int flags)
static int cmd_unpack(int argc, char **argv)
{
const char *root = NULL, *filename;
int i, rootfd, ret, flags = 0;
image_entry_t *list = NULL;
int i, ret, flags = 0;
pkg_reader_t *rd;
record_t *hdr;
@ -179,14 +169,27 @@ static int cmd_unpack(int argc, char **argv)
if (optind < argc)
fputs("warning: ignoring extra arguments\n", stderr);
if (root == NULL) {
rootfd = AT_FDCWD;
} else {
if (mkdir_p(root))
return EXIT_FAILURE;
rootfd = open(root, O_RDONLY | O_DIRECTORY);
if (rootfd < 0) {
perror(root);
return EXIT_FAILURE;
}
}
rd = pkg_reader_open(filename);
if (rd == NULL)
return EXIT_FAILURE;
goto fail_rootfd;
list = image_entry_list_from_package(rd);
if (list == NULL) {
pkg_reader_close(rd);
return EXIT_FAILURE;
goto fail_rootfd;
}
list = image_entry_sort(list);
@ -194,10 +197,7 @@ static int cmd_unpack(int argc, char **argv)
if (pkg_reader_rewind(rd))
goto fail;
if (root != NULL && set_root(root) != 0)
goto fail;
if (create_hierarchy(list))
if (create_hierarchy(rootfd, list))
goto fail;
for (;;) {
@ -210,20 +210,25 @@ static int cmd_unpack(int argc, char **argv)
hdr = pkg_reader_current_record_header(rd);
if (hdr->magic == PKG_MAGIC_DATA) {
if (unpack_files(list, rd))
if (unpack_files(rootfd, list, rd))
goto fail;
}
}
if (change_permissions(list, flags))
if (change_permissions(rootfd, list, flags))
goto fail;
image_entry_free_list(list);
pkg_reader_close(rd);
if (rootfd != AT_FDCWD)
close(rootfd);
return EXIT_SUCCESS;
fail:
image_entry_free_list(list);
pkg_reader_close(rd);
fail_rootfd:
if (rootfd != AT_FDCWD)
close(rootfd);
return EXIT_FAILURE;
}

View File

@ -21,7 +21,7 @@ enum {
FLAG_NO_CHMOD = 0x02,
};
int create_hierarchy(image_entry_t *list);
int create_hierarchy(int dirfd, image_entry_t *list);
int mkdir_p(const char *path);