policy.c: Check that the input file is a proper file.

[yaid] / policy.c

diff --git a/policy.c b/policy.c
index 3d3eedb..630e1dc 100644 (file)
--- a/policy.c
+++ b/policy.c
@@ -411,10 +411,23 @@ fail:
 int open_policy_file(struct policy_file *pf, const char *name,
                     const char *what, const struct query *q)
 {
+  struct stat st;
+
   if ((pf->fp = fopen(name, "r")) == 0) {
     logmsg(q, LOG_ERR, "failed to open %s `%s': %s",
           what, name, strerror(errno));
-    return (-1);
+    goto err_0;
+  }
+
+  if (fstat(fileno(pf->fp), &st)) {
+    logmsg(q, LOG_ERR, "failed to read information about %s `%s': %s",
+          what, name, strerror(errno));
+    goto err_1;
+  }
+  if (!S_ISREG(st.st_mode)) {
+    logmsg(q, LOG_ERR, "object `%s', used as %s, is not a regular file",
+          name, what);
+    goto err_1;
   }
 
   pf->name = name;
@@ -424,6 +437,11 @@ int open_policy_file(struct policy_file *pf, const char *name,
   pf->lno = 0;
   init_policy(&pf->p);
   return (0);
+
+err_1:
+  fclose(pf->fp);
+err_0:
+  return (-1);
 }
 
 /* Read a policy rule from the file, storing it in PF->p.  Return one of the