X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/b04fe171f0375ecd5d8a24747ca1dff85720a0ca..90dc47c27df1983f6ebc252b0c4b94c8718fe52d:/OSX/libsecurity_filedb/lib/AtomicFile.cpp

diff --git a/OSX/libsecurity_filedb/lib/AtomicFile.cpp b/OSX/libsecurity_filedb/lib/AtomicFile.cpp
index 6d2f8696..9dd9bbfd 100644
--- a/OSX/libsecurity_filedb/lib/AtomicFile.cpp
+++ b/OSX/libsecurity_filedb/lib/AtomicFile.cpp
@@ -90,7 +90,7 @@ AtomicFile::~AtomicFile()
 {
 }
 
-// Aquire the write lock and remove the file.
+// Acquire the write lock and remove the file.
 void
 AtomicFile::performDelete()
 {
@@ -98,7 +98,7 @@ AtomicFile::performDelete()
 	if (::unlink(mPath.c_str()) != 0)
 	{
 		int error = errno;
-		secnotice("atomicfile", "unlink %s: %s", mPath.c_str(), strerror(error));
+		secinfo("atomicfile", "unlink %s: %s", mPath.c_str(), strerror(error));
         if (error == ENOENT)
 			CssmError::throwMe(CSSMERR_DL_DATASTORE_DOESNOT_EXIST);
 		else
@@ -109,7 +109,7 @@ AtomicFile::performDelete()
 	::unlink(mLockFilePath.c_str());
 }
 
-// Aquire the write lock and rename the file (and bump the version and stuff).
+// Acquire the write lock and rename the file (and bump the version and stuff).
 void
 AtomicFile::rename(const std::string &inNewPath)
 {
@@ -121,7 +121,7 @@ AtomicFile::rename(const std::string &inNewPath)
 	if (::rename(path, newPath) != 0)
 	{
 		int error = errno;
-		secnotice("atomicfile", "rename(%s, %s): %s", path, newPath, strerror(error));
+		secinfo("atomicfile", "rename(%s, %s): %s", path, newPath, strerror(error));
 		UnixError::throwMe(error);
 	}
 }
@@ -140,7 +140,7 @@ AtomicFile::create(mode_t mode)
     if (fileRef == -1)
     {
         int error = errno;
-		secnotice("atomicfile", "open %s: %s", path, strerror(error));
+		secinfo("atomicfile", "open %s: %s", path, strerror(error));
 
         // Do the obvious error code translations here.
 		// @@@ Consider moving these up a level.
@@ -338,6 +338,7 @@ AtomicFile::ropen(const char *const name, int flags, mode_t mode)
             int result = sandbox_check(getpid(), "file-read-data", (sandbox_filter_type) (SANDBOX_FILTER_PATH | SANDBOX_CHECK_NO_REPORT), name);
             if (result != 0)
             {
+                secdebug("atomicfile", "sandboxing rejected read access to %s", name);
                 return -1;
             }
         }
@@ -347,6 +348,7 @@ AtomicFile::ropen(const char *const name, int flags, mode_t mode)
             int result = sandbox_check(getpid(), "file-write-data", (sandbox_filter_type) (SANDBOX_FILTER_PATH | SANDBOX_CHECK_NO_REPORT), name);
             if (result != 0)
             {
+                secdebug("atomicfile", "sandboxing rejected write access to %s", name);
                 return -1;
             }
         }
@@ -392,7 +394,7 @@ AtomicBufferedFile::~AtomicBufferedFile()
 	  	// In release mode, the assert() is compiled out so rv may be unused.
 	        __unused int rv = AtomicFile::rclose(mFileRef);
 		assert(rv == 0);
-		secnotice("atomicfile", "%p closed %s", this, mPath.c_str());
+		secinfo("atomicfile", "%p closed %s", this, mPath.c_str());
 	}
 
 	if (mBuffer)
@@ -411,7 +413,7 @@ AtomicBufferedFile::open()
 	const char *path = mPath.c_str();
 	if (mFileRef >= 0)
 	{
-		secnotice("atomicfile", "open %s: already open, closing and reopening", path);
+		secinfo("atomicfile", "open %s: already open, closing and reopening", path);
 		close();
 	}
 
@@ -446,7 +448,7 @@ AtomicBufferedFile::open()
 		UnixError::throwMe(error);
 	}
 
-	secnotice("atomicfile", "%p opened %s: %qd bytes", this, path, mLength);
+	secinfo("atomicfile", "%p opened %s: %qd bytes", this, path, mLength);
 
 	return mLength;
 }
@@ -459,6 +461,7 @@ AtomicBufferedFile::unloadBuffer()
 {
     if(mBuffer) {
         delete [] mBuffer;
+        mBuffer = NULL;
     }
 }
 
@@ -468,7 +471,7 @@ void
 AtomicBufferedFile::loadBuffer()
 {
     // make a buffer big enough to hold the entire file
-    mBuffer = new uint8[mLength];
+    mBuffer = new uint8[(size_t) mLength];
     if(lseek(mFileRef, 0, SEEK_SET) < 0) {
         int error = errno;
         secinfo("atomicfile", "lseek(%s, BEGINNING): %s", mPath.c_str(), strerror(error));
@@ -486,10 +489,8 @@ AtomicBufferedFile::loadBuffer()
             {
                 int error = errno;
                 secinfo("atomicfile", "read(%s, %zd): %s", mPath.c_str(), bytesToRead, strerror(error));
-                if (mFileRef >= 0) {
-                    AtomicFile::rclose(mFileRef);
-                    mFileRef = -1;
-                }
+                AtomicFile::rclose(mFileRef);
+                mFileRef = -1;
                 UnixError::throwMe(error);
             }
         }
@@ -545,7 +546,7 @@ AtomicBufferedFile::close()
 {
 	if (mFileRef < 0)
 	{
-		secnotice("atomicfile", "close %s: already closed", mPath.c_str());
+		secinfo("atomicfile", "close %s: already closed", mPath.c_str());
 	}
 	else
 	{
@@ -558,7 +559,7 @@ AtomicBufferedFile::close()
 			UnixError::throwMe(error);
 		}
 
-		secnotice("atomicfile", "%p closed %s", this, mPath.c_str());
+		secinfo("atomicfile", "%p closed %s", this, mPath.c_str());
 	}
 }
 
@@ -649,7 +650,7 @@ AtomicTempFile::create(mode_t mode)
 		}
 	}
 
-	secnotice("atomicfile", "%p created %s", this, path);
+	secinfo("atomicfile", "%p created %s", this, path);
 }
 
 void
@@ -774,7 +775,7 @@ AtomicTempFile::close()
 			UnixError::throwMe(error);
 		}
 
-		secnotice("atomicfile", "%p closed %s", this, mPath.c_str());
+		secinfo("atomicfile", "%p closed %s", this, mPath.c_str());
 	}
 }