diff options
| author | Denis Vlasenko <vda.linux@googlemail.com> | 2007-09-11 10:39:13 +0000 |
|---|---|---|
| committer | Denis Vlasenko <vda.linux@googlemail.com> | 2007-09-11 10:39:13 +0000 |
| commit | fa05074eeed1a6a25393d4b466c7512112f39104 (patch) | |
| tree | 5032b21d6c04f915069da7b94e009c50c8674305 | |
| parent | 976690afe0b376c580dd2756e6d8eafe1317a011 (diff) | |
| download | busybox-w32-fa05074eeed1a6a25393d4b466c7512112f39104.tar.gz busybox-w32-fa05074eeed1a6a25393d4b466c7512112f39104.tar.bz2 busybox-w32-fa05074eeed1a6a25393d4b466c7512112f39104.zip | |
cp: make "cp file /dev/node" special case; explained in comments
function old new delta
copy_file 1487 1538 +51
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/0 up/down: 51/0) Total: 51 bytes
text data bss dec hex filename
772502 1051 10724 784277 bf795 busybox_old
772554 1051 10724 784329 bf7c9 busybox_unstripped
| -rw-r--r-- | libbb/copy_file.c | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/libbb/copy_file.c b/libbb/copy_file.c index efb969faa..86449f27c 100644 --- a/libbb/copy_file.c +++ b/libbb/copy_file.c | |||
| @@ -19,6 +19,9 @@ | |||
| 19 | // (or fail, if it points to dir/nonexistent location/etc). | 19 | // (or fail, if it points to dir/nonexistent location/etc). |
| 20 | // This is strange, but POSIX-correct. | 20 | // This is strange, but POSIX-correct. |
| 21 | // coreutils cp has --remove-destination to override this... | 21 | // coreutils cp has --remove-destination to override this... |
| 22 | // | ||
| 23 | // NB: we have special code which still allows for "cp file /dev/node" | ||
| 24 | // to work POSIX-ly (the only realistic case where it makes sense) | ||
| 22 | 25 | ||
| 23 | #define DO_POSIX_CP 0 /* 1 - POSIX behavior, 0 - safe behavior */ | 26 | #define DO_POSIX_CP 0 /* 1 - POSIX behavior, 0 - safe behavior */ |
| 24 | 27 | ||
| @@ -243,13 +246,18 @@ int copy_file(const char *source, const char *dest, int flags) | |||
| 243 | if (src_fd < 0) | 246 | if (src_fd < 0) |
| 244 | return -1; | 247 | return -1; |
| 245 | 248 | ||
| 246 | #if DO_POSIX_CP /* POSIX way (a security problem versus symlink attacks!): */ | 249 | /* POSIX way is a security problem versus symlink attacks, |
| 247 | dst_fd = open(dest, (flags & FILEUTILS_INTERACTIVE) | 250 | * we do it only for dest's which are device nodes, |
| 248 | ? O_WRONLY|O_CREAT|O_EXCL | 251 | * and only for non-recursive, non-interactive cp. NB: it is still racy |
| 249 | : O_WRONLY|O_CREAT|O_TRUNC, source_stat.st_mode); | 252 | * for "cp file /home/bad_user/device_node" case |
| 250 | #else /* safe way: */ | 253 | * (user can rm device_node and create link to /etc/passwd) */ |
| 251 | dst_fd = open(dest, O_WRONLY|O_CREAT|O_EXCL, source_stat.st_mode); | 254 | if (DO_POSIX_CP |
| 252 | #endif | 255 | || (dest_exists && !(flags & (FILEUTILS_RECUR|FILEUTILS_INTERACTIVE)) |
| 256 | && (S_ISBLK(dest_stat.st_mode) || S_ISCHR(dest_stat.st_mode))) | ||
| 257 | ) { | ||
| 258 | dst_fd = open(dest, O_WRONLY|O_CREAT|O_TRUNC, source_stat.st_mode); | ||
| 259 | } else /* safe way: */ | ||
| 260 | dst_fd = open(dest, O_WRONLY|O_CREAT|O_EXCL, source_stat.st_mode); | ||
| 253 | if (dst_fd == -1) { | 261 | if (dst_fd == -1) { |
| 254 | ovr = ask_and_unlink(dest, flags); | 262 | ovr = ask_and_unlink(dest, flags); |
| 255 | if (ovr <= 0) { | 263 | if (ovr <= 0) { |