briefly mention /etc/examples/ in the FILES section of all the manual pages that...

[opendoas.git] / timestamp.c

diff --git a/timestamp.c b/timestamp.c
index c90318dd71daf7ca6cc109ff2cad725949164ef4..6b4354cc868739305019023e4b445a7b5f09ad26 100644 (file)
--- a/timestamp.c
+++ b/timestamp.c
@@ -98,25 +98,32 @@ proc_info(pid_t pid, int *ttynr, unsigned long long *starttime)
        if (n < 0 || n >= (int)sizeof path)
                return -1;
 
-       if ((fd = open(path, O_RDONLY)) == -1)
+       if ((fd = open(path, O_RDONLY|O_NOFOLLOW)) == -1) {
+               warn("failed to open: %s", path);
                return -1;
+       }
 
-       while ((n = read(fd, p, buf + sizeof buf - p)) != 0) {
+       while ((n = read(fd, p, buf + (sizeof buf - 1) - p)) != 0) {
                if (n == -1) {
                        if (errno == EAGAIN || errno == EINTR)
                                continue;
+                       warn("read: %s", path);
                        close(fd);
                        return -1;
                }
                p += n;
-               if (p >= buf + sizeof buf)
+               if (p >= buf + (sizeof buf - 1))
                        break;
        }
        close(fd);
 
        /* error if it contains NULL bytes */
-       if (n != 0 || memchr(buf, '\0', p - buf))
+       if (n != 0 || memchr(buf, '\0', p - buf - 1) != NULL) {
+               warn("NUL in: %s", path);
                return -1;
+       }
+
+       *p = '\0';
 
        /* Get the 7th field, 5 fields after the last ')',
         * (2th field) because the 5th field 'comm' can include
@@ -194,14 +201,19 @@ timestamp_check(int fd, int secs)
        struct stat st;
 
        if (fstat(fd, &st) == -1)
-               return 0;
+               err(1, "fstat");
+       if (st.st_uid != 0 || st.st_gid != getgid() || st.st_mode != (S_IFREG | 0000))
+               errx(1, "timestamp uid, gid or mode wrong");
 
+       /* this timestamp was created but never set, invalid but no error */
        if (!timespecisset(&st.st_atim) || !timespecisset(&st.st_mtim))
                return 0;
 
        if (clock_gettime(CLOCK_BOOTTIME, &ts[0]) == -1 ||
-           clock_gettime(CLOCK_REALTIME, &ts[1]) == -1)
+           clock_gettime(CLOCK_REALTIME, &ts[1]) == -1) {
+               warn("clock_gettime");
                return 0;
+       }
 
        /* check if timestamp is too old */
        if (timespeccmp(&st.st_atim, &ts[0], <) ||
@@ -212,8 +224,10 @@ timestamp_check(int fd, int secs)
        timespecadd(&ts[0], &timeout, &ts[0]);
        timespecadd(&ts[1], &timeout, &ts[1]);
        if (timespeccmp(&st.st_atim, &ts[0], >) ||
-           timespeccmp(&st.st_mtim, &ts[1], >))
+           timespeccmp(&st.st_mtim, &ts[1], >)) {
+               warnx("timestamp too far in the future");
                return 0;
+       }
 
        return 1;
 }
@@ -241,14 +255,14 @@ timestamp_open(int *valid, int secs)
        if (timestamp_path(path, sizeof path) == -1)
                return -1;
 
-       if (stat(path, &st) != -1 && (st.st_uid != 0 || st.st_gid != getgid()|| st.st_mode != (S_IFREG | 0000)))
-               return -1;
-
        fd = open(path, O_RDONLY|O_NOFOLLOW);
        if (fd == -1) {
                char tmp[256];
                int n;
 
+               if (errno != ENOENT)
+                       err(1, "open: %s", path);
+
                n = snprintf(tmp, sizeof tmp, TIMESTAMP_DIR "/.tmp-%d", getpid());
                if (n < 0 || n >= (int)sizeof tmp)
                        return -1;