diff options
| author | jsm <jsm@NetBSD.org> | 2000-02-09 22:27:55 +0000 |
|---|---|---|
| committer | jsm <jsm@NetBSD.org> | 2000-02-09 22:27:55 +0000 |
| commit | 6a2a60db41cc5b3db833740e9381e58f5270a775 (patch) | |
| tree | 2437ba95f91b7f0cdaa57157b4588f68a0e652f4 /sail/sync.c | |
| parent | dc6fb5dc49807bdfab1b64b687522b76a6492011 (diff) | |
| download | bsdgames-darwin-6a2a60db41cc5b3db833740e9381e58f5270a775.tar.gz bsdgames-darwin-6a2a60db41cc5b3db833740e9381e58f5270a775.zip | |
Fix insecure /tmp usage in sail.
Essentially concludes the merge into NetBSD of those changes in the
Linux port of the NetBSD games which it is fairly clear to me should
be so merged.
Diffstat (limited to 'sail/sync.c')
| -rw-r--r-- | sail/sync.c | 43 |
1 files changed, 31 insertions, 12 deletions
diff --git a/sail/sync.c b/sail/sync.c index 9b5b5049..b6e93e1d 100644 --- a/sail/sync.c +++ b/sail/sync.c @@ -1,4 +1,4 @@ -/* $NetBSD: sync.c,v 1.13 1999/09/09 17:30:20 jsm Exp $ */ +/* $NetBSD: sync.c,v 1.14 2000/02/09 22:27:56 jsm Exp $ */ /* * Copyright (c) 1983, 1993 @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)sync.c 8.2 (Berkeley) 4/28/95"; #else -__RCSID("$NetBSD: sync.c,v 1.13 1999/09/09 17:30:20 jsm Exp $"); +__RCSID("$NetBSD: sync.c,v 1.14 2000/02/09 22:27:56 jsm Exp $"); #endif #endif /* not lint */ @@ -55,17 +55,18 @@ __RCSID("$NetBSD: sync.c,v 1.13 1999/09/09 17:30:20 jsm Exp $"); #include <sys/stat.h> #include <time.h> #include "extern.h" +#include "pathnames.h" #define BUFSIZE 4096 +static const char SF[] = _PATH_SYNC; +static const char LF[] = _PATH_LOCK; static char sync_buf[BUFSIZE]; static char *sync_bp = sync_buf; -static char sync_lock[25]; -static char sync_file[25]; +static char sync_lock[sizeof SF]; +static char sync_file[sizeof LF]; static long sync_seek; static FILE *sync_fp; -#define SF "/tmp/#sailsink.%d" -#define LF "/tmp/#saillock.%d" void fmtship(buf, len, fmt, ship) @@ -160,30 +161,39 @@ sync_exists(game) (void) sprintf(buf, SF, game); (void) time(&t); - if (stat(buf, &s) < 0) + setegid(egid); + if (stat(buf, &s) < 0) { + setegid(gid); return 0; + } if (s.st_mtime < t - 60*60*2) { /* 2 hours */ (void) unlink(buf); (void) sprintf(buf, LF, game); (void) unlink(buf); + setegid(gid); return 0; - } else + } else { + setegid(gid); return 1; + } } int sync_open() { + struct stat tmp; if (sync_fp != NULL) (void) fclose(sync_fp); (void) sprintf(sync_lock, LF, game); (void) sprintf(sync_file, SF, game); - if (access(sync_file, 0) < 0) { - int omask = umask(issetuid ? 077 : 011); + setegid(egid); + if (stat(sync_file, &tmp) < 0) { + mode_t omask = umask(002); sync_fp = fopen(sync_file, "w+"); (void) umask(omask); } else sync_fp = fopen(sync_file, "r+"); + setegid(gid); if (sync_fp == NULL) return -1; sync_seek = 0; @@ -196,8 +206,11 @@ sync_close(remove) { if (sync_fp != 0) (void) fclose(sync_fp); - if (remove) + if (remove) { + setegid(egid); (void) unlink(sync_file); + setegid(gid); + } } void @@ -254,8 +267,12 @@ Sync() if (errno != EWOULDBLOCK) return -1; #else - if (link(sync_file, sync_lock) >= 0) + setegid(egid); + if (link(sync_file, sync_lock) >= 0) { + setegid(gid); break; + } + setegid(gid); if (errno != EEXIST) return -1; #endif @@ -319,7 +336,9 @@ out: #ifdef LOCK_EX (void) flock(fileno(sync_fp), LOCK_UN); #else + setegid(egid); (void) unlink(sync_lock); + setegid(gid); #endif (void) signal(SIGHUP, sighup); (void) signal(SIGINT, sigint); |