xfnw/plan9fox
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

plumber: open rule files as OCEXEC, to avoid leaking them to sub commands

Browse source
This commit is contained in:
cinap_lenrek 2020-12-29 18:45:42 +01:00
parent b7b740a04c
commit fb08e3655e
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
sys/src/cmd/plumb/rules.c
View file

@ -410,11 +410,11 @@ include(char *s)
if(n>2 && args[2][0] != '#') if(n>2 && args[2][0] != '#')
goto Err; goto Err;
t = args[1]; t = args[1];
fd = open(t, OREAD); fd = open(t, OREAD|OCEXEC);
if(fd<0 && t[0]!='/' && strncmp(t, "./", 2)!=0 && strncmp(t, "../", 3)!=0){ if(fd<0 && t[0]!='/' && strncmp(t, "./", 2)!=0 && strncmp(t, "../", 3)!=0){
snprint(buf, sizeof buf, "/sys/lib/plumb/%s", t); snprint(buf, sizeof buf, "/sys/lib/plumb/%s", t);
t = buf; t = buf;
fd = open(t, OREAD); fd = open(t, OREAD|OCEXEC);
} }
if(fd < 0) if(fd < 0)
parseerror("can't open %s for inclusion", t); parseerror("can't open %s for inclusion", t);