From c74afd8acf88d097561546c9cc5a88b1522cb341 Mon Sep 17 00:00:00 2001
From: Mark Wooding
Date: Sun, 21 Oct 2012 15:02:46 +0100
Subject: [PATCH] policy.c: Check that the input file is a proper file.

This is mainly useful for user policy files, to make sure they're not completely mad.
---
 policy.c | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/policy.c b/policy.c
index 3d3eedb..630e1dc 100644
--- a/policy.c
+++ b/policy.c
@@ -411,10 +411,23 @@ fail:
 int open_policy_file(struct policy_file *pf, const char *name,
 const char *what, const struct query *q)
 {
+ struct stat st;
+
 if ((pf->fp = fopen(name, "r")) == 0) {
 logmsg(q, LOG_ERR, "failed to open %s `%s': %s",
 what, name, strerror(errno));
- return (-1);
+ goto err_0;
+ }
+
+ if (fstat(fileno(pf->fp), &st)) {
+ logmsg(q, LOG_ERR, "failed to read information about %s `%s': %s",
+ what, name, strerror(errno));
+ goto err_1;
+ }
+ if (!S_ISREG(st.st_mode)) {
+ logmsg(q, LOG_ERR, "object `%s', used as %s, is not a regular file",
+ name, what);
+ goto err_1;
 }
 pf->name = name;
@@ -424,6 +437,11 @@ int open_policy_file(struct policy_file *pf, const char *name,
 pf->lno = 0;
 init_policy(&pf->p);
 return (0);
+
+err_1:
+ fclose(pf->fp);
+err_0:
+ return (-1);
 }
 /* Read a policy rule from the file, storing it in PF->p. Return one of the
-- 
2.11.0
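Review bot: The regular-file check in the first hunk runs only after `fopen(name, "r")` has returned, so a policy path that names a FIFO can stall the open and never reach `S_ISREG`, and opening a device node may have side effects of its own. Running fstat on the already-open stream is the right way to avoid a check-then-open race, but the open itself should be non-blocking: obtain the descriptor with `open()` using `O_RDONLY | O_NONBLOCK | O_NOCTTY`, wrap it with `fdopen()`, and keep the fstat/S_ISREG checks as they are. O_NONBLOCK does not change reads on a regular file, so the flag can stay set afterwards. This presumably needs `<fcntl.h>` and `<unistd.h>` if policy.c does not already include them; the rest of the function body lies outside this hunk.

```c
  struct stat st;
  int fd;

  /* Non-blocking open: a FIFO or device named as the policy file must not
   * stall the caller before the S_ISREG check below gets to reject it. */
  if ((fd = open(name, O_RDONLY | O_NONBLOCK | O_NOCTTY)) < 0) {
    logmsg(q, LOG_ERR, "failed to open %s `%s': %s",
           what, name, strerror(errno));
    goto err_0;
  }
  if ((pf->fp = fdopen(fd, "r")) == 0) {
    logmsg(q, LOG_ERR, "failed to open %s `%s': %s",
           what, name, strerror(errno));
    close(fd);
    goto err_0;
  }
  /* ... unchanged: fstat() and S_ISREG() checks, goto err_1 on failure ... */
```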
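Review bot: After `err_1` in the second hunk runs `fclose(pf->fp)`, `pf->fp` still holds the closed stream, whereas the fopen failure path leaves it null. If any caller inspects or closes `pf->fp` after a -1 return (callers are not visible here), that becomes a use-after-close or a double fclose; adding `pf->fp = 0;` right after the `fclose` leaves the structure in the same state on both failure paths. A short comment on the labels, e.g. `/* err_1: stream is open and must be closed; err_0: nothing to undo */`, would also help, since the middle of the function lies between the two hunks.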