diff options
Diffstat (limited to 'src/shared')
| -rw-r--r-- | src/shared/def.h | 1 | ||||
| -rw-r--r-- | src/shared/missing.h | 16 | ||||
| -rw-r--r-- | src/shared/util.c | 54 | ||||
| -rw-r--r-- | src/shared/util.h | 3 |
4 files changed, 63 insertions, 11 deletions
diff --git a/src/shared/def.h b/src/shared/def.h index a2304fddda..7777756aad 100644 --- a/src/shared/def.h +++ b/src/shared/def.h @@ -44,6 +44,7 @@ #define LOWERCASE_LETTERS "abcdefghijklmnopqrstuvwxyz" #define UPPERCASE_LETTERS "ABCDEFGHIJKLMNOPQRSTUVWXYZ" #define LETTERS LOWERCASE_LETTERS UPPERCASE_LETTERS +#define ALPHANUMERICAL LETTERS DIGITS #define REBOOT_PARAM_FILE "/run/systemd/reboot-param" diff --git a/src/shared/missing.h b/src/shared/missing.h index 6c038d9f08..4e62100030 100644 --- a/src/shared/missing.h +++ b/src/shared/missing.h @@ -301,25 +301,29 @@ static inline int name_to_handle_at(int fd, const char *name, struct file_handle #endif #ifndef CIFS_MAGIC_NUMBER -#define CIFS_MAGIC_NUMBER 0xFF534D42 +# define CIFS_MAGIC_NUMBER 0xFF534D42 #endif #ifndef TFD_TIMER_CANCEL_ON_SET -#define TFD_TIMER_CANCEL_ON_SET (1 << 1) +# define TFD_TIMER_CANCEL_ON_SET (1 << 1) #endif #ifndef SO_REUSEPORT -#define SO_REUSEPORT 15 +# define SO_REUSEPORT 15 #endif #ifndef EVIOCREVOKE -#define EVIOCREVOKE _IOW('E', 0x91, int) +# define EVIOCREVOKE _IOW('E', 0x91, int) #endif #ifndef DRM_IOCTL_SET_MASTER -#define DRM_IOCTL_SET_MASTER _IO('d', 0x1e) +# define DRM_IOCTL_SET_MASTER _IO('d', 0x1e) #endif #ifndef DRM_IOCTL_DROP_MASTER -#define DRM_IOCTL_DROP_MASTER _IO('d', 0x1f) +# define DRM_IOCTL_DROP_MASTER _IO('d', 0x1f) +#endif + +#ifndef TMP_MAX +# define TMP_MAX 238328 #endif diff --git a/src/shared/util.c b/src/shared/util.c index 27fc9594cd..a437d9b127 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -6109,6 +6109,53 @@ int getpeersec(int fd, char **ret) { return 0; } +int writev_safe(int fd, const struct iovec *w, int j) { + for (int i = 0; i < j; i++) { + size_t written = 0; + + while (written < w[i].iov_len) { + ssize_t r; + + r = write(fd, (char*) w[i].iov_base + written, w[i].iov_len - written); + if (r < 0 && errno != -EINTR) + return -errno; + + written += r; + } + } + + return 0; +} + +int mkostemp_safe(char *pattern, int flags) { + char *s = pattern + strlen(pattern) - 6; + uint64_t tries = TMP_MAX; + int randfd, fd, i; + + assert(streq(s, "XXXXXX")); + + randfd = open("/dev/urandom", O_RDONLY); + if (randfd < 0) + return -ENOSYS; + + while (tries--) { + fd = read(randfd, s, 6); + if (fd == 0) + return -ENOSYS; + + for (i = 0; i < 6; i++) + s[i] = ALPHANUMERICAL[(unsigned) s[i] % strlen(ALPHANUMERICAL)]; + + fd = open(pattern, flags|O_EXCL|O_CREAT, S_IRUSR|S_IWUSR); + if (fd >= 0) + return fd; + if (!IN_SET(errno, EEXIST, EINTR)) + return -errno; + } + + return -EEXIST; +} + int open_tmpfile(const char *path, int flags) { int fd; char *p; @@ -6120,12 +6167,9 @@ int open_tmpfile(const char *path, int flags) { #endif p = strappenda(path, "/systemd-tmp-XXXXXX"); - RUN_WITH_UMASK(0077) { - fd = mkostemp(p, O_RDWR|O_CLOEXEC); - } - + fd = mkostemp_safe(p, O_RDWR|O_CLOEXEC); if (fd < 0) - return -errno; + return fd; unlink(p); return fd; diff --git a/src/shared/util.h b/src/shared/util.h index 630137a53a..1169864c3a 100644 --- a/src/shared/util.h +++ b/src/shared/util.h @@ -850,4 +850,7 @@ bool pid_valid(pid_t pid); int getpeercred(int fd, struct ucred *ucred); int getpeersec(int fd, char **ret); +int writev_safe(int fd, const struct iovec *w, int j); + +int mkostemp_safe(char *pattern, int flags); int open_tmpfile(const char *path, int flags); |