Hi *, some maintenance commits to use the gnulib *-safer wrappers more consistently which avoid some stdin/stdout/stderr abuse cases.
* [PATCH 1/2] maint: use more *-safer gnulib modules * [PATCH 2/2] maint: use gnulib *_safer functions consistently Have a nice day, Berny
>From 160e2f8258cb2a3f8cf055658b1840df5347bd6a Mon Sep 17 00:00:00 2001 From: Bernhard Voelker <m...@bernhard-voelker.de> Date: Wed, 2 Dec 2020 01:12:16 +0100 Subject: [PATCH 1/2] maint: use more *-safer gnulib modules See section "Handling closed standard file descriptors" in the gnulib manual. * bootstrip.conf (gnulib_modules): Add fcntl-safer, openat-safer and unistd-safer. * find/exec.c: Include "fcntl--.h" to use the *-safer variant of open() or openat(). * find/pred.c: Likewise. * locate/locate.c: Likewise. * xargs/xargs.c: Likewise, and include "unustd--.h" to use the *-safer variant of pipe(). --- bootstrap.conf | 3 +++ find/exec.c | 1 + find/pred.c | 1 + locate/locate.c | 1 + xargs/xargs.c | 2 ++ 5 files changed, 8 insertions(+) diff --git a/bootstrap.conf b/bootstrap.conf index 8e0dbcf1..a80e2897 100644 --- a/bootstrap.conf +++ b/bootstrap.conf @@ -93,6 +93,7 @@ gnulib_modules=" faccessat fchdir fcntl + fcntl-safer fdopendir fflush fileblocks @@ -131,6 +132,7 @@ gnulib_modules=" mountlist nstrftime open + openat-safer parse-datetime pathmax perror @@ -167,6 +169,7 @@ gnulib_modules=" sys_wait timespec uname + unistd-safer unlinkat verify version-etc diff --git a/find/exec.c b/find/exec.c index 5551de56..e8f14d10 100644 --- a/find/exec.c +++ b/find/exec.c @@ -30,6 +30,7 @@ #include "cloexec.h" #include "dirname.h" #include "error.h" +#include "fcntl--.h" #include "save-cwd.h" #include "xalloc.h" diff --git a/find/pred.c b/find/pred.c index 9f2f159e..7a64a866 100644 --- a/find/pred.c +++ b/find/pred.c @@ -38,6 +38,7 @@ #include "areadlink.h" #include "dirname.h" #include "error.h" +#include "fcntl--.h" #include "fnmatch.h" #include "stat-size.h" #include "stat-time.h" diff --git a/locate/locate.c b/locate/locate.c index b3a49b84..bcd76103 100644 --- a/locate/locate.c +++ b/locate/locate.c @@ -84,6 +84,7 @@ #include "progname.h" #include "xalloc.h" #include "error.h" +#include "fcntl--.h" #include "human.h" #include "dirname.h" #include "closeout.h" diff --git a/xargs/xargs.c b/xargs/xargs.c index e9ef763c..1149999c 100644 --- a/xargs/xargs.c +++ b/xargs/xargs.c @@ -54,9 +54,11 @@ /* gnulib headers. */ #include "closein.h" #include "error.h" +#include "fcntl--.h" #include "progname.h" #include "quotearg.h" #include "safe-read.h" +#include "unistd--.h" #include "xalloc.h" /* find headers. */ -- 2.29.2
>From dc1a69f6dc484e9ca72507f15e940ce3d060376e Mon Sep 17 00:00:00 2001 From: Bernhard Voelker <m...@bernhard-voelker.de> Date: Wed, 2 Dec 2020 02:00:01 +0100 Subject: [PATCH 2/2] maint: use gnulib *_safer functions consistently Avoid using fopen_safer and opendir_safer directly in favor of letting gnulib transparently doing the work via "dirent--.h" and "stdio--.h". * find/oldfind.c (dirent-safer.h): Replace include ... (dirent--.h): ... by this. (process_dir): Change opendir_safer to the regular opendir call. * find/sharefile.c (stdio-safer.h): Replace include ... (stdio--.h): ... by this. (sharefile_fopen): Change fopen_safer to regular fopen call. * lib/fdleak.c (dirent-safer.h): Replace include ... (dirent--.h): ... by this. (get_proc_max_fd): Change opendir_safer to regular opendir call. --- find/oldfind.c | 4 ++-- find/sharefile.c | 4 ++-- lib/fdleak.c | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/find/oldfind.c b/find/oldfind.c index d40bfb52..1da68037 100644 --- a/find/oldfind.c +++ b/find/oldfind.c @@ -35,7 +35,7 @@ /* gnulib headers. */ #include "canonicalize.h" #include "closein.h" -#include "dirent-safer.h" +#include "dirent--.h" #include "dirname.h" #include "error.h" #include "fcntl--.h" @@ -1304,7 +1304,7 @@ process_dir (const char *pathname, const char *name, int pathlen, const struct s } errno = 0; - dirp = opendir_safer (name); + dirp = opendir (name); if (dirp == NULL) { diff --git a/find/sharefile.c b/find/sharefile.c index 2b2bff72..384432ff 100644 --- a/find/sharefile.c +++ b/find/sharefile.c @@ -29,7 +29,7 @@ /* gnulib headers. */ #include "cloexec.h" #include "hash.h" -#include "stdio-safer.h" +#include "stdio--.h" /* find headers. */ #include "sharefile.h" @@ -154,7 +154,7 @@ sharefile_fopen (sharefile_handle h, const char *filename) return NULL; } - if (NULL == (new_entry->fp = fopen_safer (filename, p->mode))) + if (NULL == (new_entry->fp = fopen (filename, p->mode))) { entry_free (new_entry); return NULL; diff --git a/lib/fdleak.c b/lib/fdleak.c index 269c860d..7509b8f5 100644 --- a/lib/fdleak.c +++ b/lib/fdleak.c @@ -34,7 +34,7 @@ /* gnulib headers. */ #include "cloexec.h" -#include "dirent-safer.h" +#include "dirent--.h" #include "error.h" #include "fcntl--.h" @@ -66,7 +66,7 @@ get_proc_max_fd (void) * a given directory (the manpage for readdir_r claims this * is the approved method, but the manpage for pathconf indicates * that _PC_NAME_MAX is not an upper limit). */ - DIR *dir = opendir_safer (path); + DIR *dir = opendir (path); if (dir) { int good = 0; -- 2.29.2