aboutsummaryrefslogtreecommitdiff
path: root/internal/syscallcompat
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-11-30 19:40:53 +0100
committerJakob Unterwurzacher2017-11-30 19:40:53 +0100
commite97c23e08383666117523cf3145f1213b41c2489 (patch)
tree19e93878a9f87e41d4704325d4f01c44c464214b /internal/syscallcompat
parent22282aefe6f4da0257ea8f568aa4369ad15ce5f9 (diff)
syscallcompat: check that we get NOFOLLOW wherever possible
...and fix the instances where the AT_SYMLINK_NOFOLLOW / O_NOFOLLOW / O_EXCL flag was missing.
Diffstat (limited to 'internal/syscallcompat')
-rw-r--r--internal/syscallcompat/emulate.go4
-rw-r--r--internal/syscallcompat/sys_linux.go17
2 files changed, 19 insertions, 2 deletions
diff --git a/internal/syscallcompat/emulate.go b/internal/syscallcompat/emulate.go
index 59d0ea5..3af45f8 100644
--- a/internal/syscallcompat/emulate.go
+++ b/internal/syscallcompat/emulate.go
@@ -136,12 +136,12 @@ func emulateFchmodat(dirfd int, path string, mode uint32, flags int) (err error)
}
defer syscall.Fchdir(cwd)
// We also don't have Lchmod, so emulate it (poorly).
- if flags&unix.AT_SYMLINK_NOFOLLOW > 0 {
+ if flags&unix.AT_SYMLINK_NOFOLLOW != 0 {
fi, err := os.Lstat(path)
if err != nil {
return err
}
- if fi.Mode()&os.ModeSymlink > 0 {
+ if fi.Mode()&os.ModeSymlink != 0 {
return nil
}
}
diff --git a/internal/syscallcompat/sys_linux.go b/internal/syscallcompat/sys_linux.go
index 1ea56b5..e9ca7cb 100644
--- a/internal/syscallcompat/sys_linux.go
+++ b/internal/syscallcompat/sys_linux.go
@@ -6,6 +6,8 @@ import (
"syscall"
"unsafe"
+ "golang.org/x/sys/unix"
+
"github.com/rfjakob/gocryptfs/internal/tlog"
)
@@ -46,6 +48,11 @@ func Fallocate(fd int, mode uint32, off int64, len int64) (err error) {
// Openat wraps the Openat syscall.
func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
+ // Why would we ever want to call this without O_NOFOLLOW and O_EXCL?
+ if !(flags&syscall.O_CREAT != 0 && flags&syscall.O_EXCL != 0) && flags&syscall.O_NOFOLLOW == 0 {
+ tlog.Warn.Printf("Openat: adding missing O_NOFOLLOW flag")
+ flags |= syscall.O_NOFOLLOW
+ }
return syscall.Openat(dirfd, path, flags, mode)
}
@@ -82,11 +89,21 @@ func Dup3(oldfd int, newfd int, flags int) (err error) {
// Fchmodat syscall.
func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
+ // Why would we ever want to call this without AT_SYMLINK_NOFOLLOW?
+ if flags&unix.AT_SYMLINK_NOFOLLOW == 0 {
+ tlog.Warn.Printf("Fchmodat: adding missing AT_SYMLINK_NOFOLLOW flag")
+ flags |= unix.AT_SYMLINK_NOFOLLOW
+ }
return syscall.Fchmodat(dirfd, path, mode, flags)
}
// Fchownat syscall.
func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) {
+ // Why would we ever want to call this without AT_SYMLINK_NOFOLLOW?
+ if flags&unix.AT_SYMLINK_NOFOLLOW == 0 {
+ tlog.Warn.Printf("Fchownat: adding missing AT_SYMLINK_NOFOLLOW flag")
+ flags |= unix.AT_SYMLINK_NOFOLLOW
+ }
return syscall.Fchownat(dirfd, path, uid, gid, flags)
}