+/*
+ * Copyright (c) 2020 Duncan Overbruck <mail@duncano.de>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "config.h"
+
/*
* 1) Timestamp files and directories
*
#include <time.h>
#include <unistd.h>
-#include "includes.h"
+#include "openbsd.h"
+#include "doas.h"
#ifndef TIMESTAMP_DIR
# define TIMESTAMP_DIR "/run/doas"
if (n < 0 || n >= (int)sizeof path)
return -1;
- if ((fd = open(path, O_RDONLY)) == -1)
+ if ((fd = open(path, O_RDONLY|O_NOFOLLOW)) == -1) {
+ warn("failed to open: %s", path);
return -1;
+ }
- while ((n = read(fd, p, buf + sizeof buf - p)) != 0) {
+ while ((n = read(fd, p, buf + (sizeof buf - 1) - p)) != 0) {
if (n == -1) {
if (errno == EAGAIN || errno == EINTR)
continue;
+ warn("read: %s", path);
close(fd);
return -1;
}
p += n;
- if (p >= buf + sizeof buf)
+ if (p >= buf + (sizeof buf - 1))
break;
}
close(fd);
/* error if it contains NULL bytes */
- if (n != 0 || memchr(buf, '\0', p - buf))
+ if (n != 0 || memchr(buf, '\0', p - buf - 1) != NULL) {
+ warn("NUL in: %s", path);
return -1;
+ }
+
+ *p = '\0';
/* Get the 7th field, 5 fields after the last ')',
* (2th field) because the 5th field 'comm' can include
if (p == ep ||
(errno == ERANGE && *starttime == ULLONG_MAX))
return -1;
- break;
+ return 0;
}
- if (n == 23)
- break;
}
- return 0;
+ return -1;
}
#else
#error "proc_info not implemented"
struct stat st;
if (fstat(fd, &st) == -1)
- return 0;
+ err(1, "fstat");
+ if (st.st_uid != 0 || st.st_gid != getgid() || st.st_mode != (S_IFREG | 0000))
+ errx(1, "timestamp uid, gid or mode wrong");
+ /* this timestamp was created but never set, invalid but no error */
if (!timespecisset(&st.st_atim) || !timespecisset(&st.st_mtim))
return 0;
if (clock_gettime(CLOCK_BOOTTIME, &ts[0]) == -1 ||
- clock_gettime(CLOCK_REALTIME, &ts[1]) == -1)
+ clock_gettime(CLOCK_REALTIME, &ts[1]) == -1) {
+ warn("clock_gettime");
return 0;
+ }
/* check if timestamp is too old */
if (timespeccmp(&st.st_atim, &ts[0], <) ||
timespecadd(&ts[0], &timeout, &ts[0]);
timespecadd(&ts[1], &timeout, &ts[1]);
if (timespeccmp(&st.st_atim, &ts[0], >) ||
- timespeccmp(&st.st_mtim, &ts[1], >))
+ timespeccmp(&st.st_mtim, &ts[1], >)) {
+ warnx("timestamp too far in the future");
return 0;
+ }
return 1;
}
if (timestamp_path(path, sizeof path) == -1)
return -1;
- if (stat(path, &st) != -1 && (st.st_uid != 0 || st.st_gid != getgid()|| st.st_mode != (S_IFREG | 0000)))
- return -1;
-
fd = open(path, O_RDONLY|O_NOFOLLOW);
if (fd == -1) {
char tmp[256];
int n;
+ if (errno != ENOENT)
+ err(1, "open: %s", path);
+
n = snprintf(tmp, sizeof tmp, TIMESTAMP_DIR "/.tmp-%d", getpid());
if (n < 0 || n >= (int)sizeof tmp)
return -1;