X-Git-Url: https://git.saurik.com/apt.git/blobdiff_plain/b53c9cea2902572822bbbece5bac236c1bbf846e..cd46d4ebd33e74ee53bbc73dcdb7fe1d4d006558:/apt-pkg/contrib/fileutl.cc diff --git a/apt-pkg/contrib/fileutl.cc b/apt-pkg/contrib/fileutl.cc index 1be782bac..368380af7 100644 --- a/apt-pkg/contrib/fileutl.cc +++ b/apt-pkg/contrib/fileutl.cc @@ -158,24 +158,18 @@ bool CopyFile(FileFd &From,FileFd &To) if (From.IsOpen() == false || To.IsOpen() == false || From.Failed() == true || To.Failed() == true) return false; - + // Buffered copy between fds std::unique_ptr Buf(new unsigned char[64000]); - unsigned long long Size = From.Size(); - while (Size != 0) - { - unsigned long long ToRead = Size; - if (Size > 64000) - ToRead = 64000; - - if (From.Read(Buf.get(),ToRead) == false || + constexpr unsigned long long BufSize = sizeof(Buf.get())/sizeof(Buf.get()[0]); + unsigned long long ToRead = 0; + do { + if (From.Read(Buf.get(),BufSize, &ToRead) == false || To.Write(Buf.get(),ToRead) == false) return false; - - Size -= ToRead; - } + } while (ToRead != 0); - return true; + return true; } /*}}}*/ // GetLock - Gets a lock file /*{{{*/ @@ -671,7 +665,7 @@ string flAbsPath(string File) char *p = realpath(File.c_str(), NULL); if (p == NULL) { - _error->Errno("realpath", "flAbsPath failed"); + _error->Errno("realpath", "flAbsPath on %s failed", File.c_str()); return ""; } std::string AbsPath(p); @@ -1130,16 +1124,20 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co if ((Mode & ReadWrite) == 0) return FileFdError("No openmode provided in FileFd::Open for %s", FileName.c_str()); - if ((Mode & Atomic) == Atomic) + unsigned int OpenMode = Mode; + if (FileName == "/dev/null") + OpenMode = OpenMode & ~(Atomic | Exclusive | Create | Empty); + + if ((OpenMode & Atomic) == Atomic) { Flags |= Replace; } - else if ((Mode & (Exclusive | Create)) == (Exclusive | Create)) + else if ((OpenMode & (Exclusive | Create)) == (Exclusive | Create)) { // for atomic, this will be done by rename in Close() unlink(FileName.c_str()); } - if ((Mode & Empty) == Empty) + if ((OpenMode & Empty) == Empty) { struct stat Buf; if (lstat(FileName.c_str(),&Buf) == 0 && S_ISLNK(Buf.st_mode)) @@ -1147,7 +1145,7 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co } int fileflags = 0; - #define if_FLAGGED_SET(FLAG, MODE) if ((Mode & FLAG) == FLAG) fileflags |= MODE + #define if_FLAGGED_SET(FLAG, MODE) if ((OpenMode & FLAG) == FLAG) fileflags |= MODE if_FLAGGED_SET(ReadWrite, O_RDWR); else if_FLAGGED_SET(ReadOnly, O_RDONLY); else if_FLAGGED_SET(WriteOnly, O_WRONLY); @@ -1157,7 +1155,7 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co if_FLAGGED_SET(Exclusive, O_EXCL); #undef if_FLAGGED_SET - if ((Mode & Atomic) == Atomic) + if ((OpenMode & Atomic) == Atomic) { char *name = strdup((FileName + ".XXXXXX").c_str()); @@ -1184,7 +1182,7 @@ bool FileFd::Open(string FileName,unsigned int const Mode,APT::Configuration::Co iFd = open(FileName.c_str(), fileflags, AccessMode); this->FileName = FileName; - if (iFd == -1 || OpenInternDescriptor(Mode, compressor) == false) + if (iFd == -1 || OpenInternDescriptor(OpenMode, compressor) == false) { if (iFd != -1) { @@ -2006,12 +2004,13 @@ bool FileFd::Close() { if ((Flags & Compressed) != Compressed && iFd > 0 && close(iFd) != 0) Res &= _error->Errno("close",_("Problem closing the file %s"), FileName.c_str()); - if (d != NULL) - { - Res &= d->CloseDown(FileName); - delete d; - d = NULL; - } + } + + if (d != NULL) + { + Res &= d->CloseDown(FileName); + delete d; + d = NULL; } if ((Flags & Replace) == Replace) { @@ -2122,12 +2121,39 @@ std::string GetTempDir() /*{{{*/ struct stat st; if (!tmpdir || strlen(tmpdir) == 0 || // tmpdir is set - stat(tmpdir, &st) != 0 || (st.st_mode & S_IFDIR) == 0 || // exists and is directory - access(tmpdir, R_OK | W_OK | X_OK) != 0 // current user has rwx access to directory - ) + stat(tmpdir, &st) != 0 || (st.st_mode & S_IFDIR) == 0) // exists and is directory + tmpdir = "/tmp"; + else if (geteuid() != 0 && // root can do everything anyway + faccessat(-1, tmpdir, R_OK | W_OK | X_OK, AT_EACCESS | AT_SYMLINK_NOFOLLOW) != 0) // current user has rwx access to directory tmpdir = "/tmp"; return string(tmpdir); +} +std::string GetTempDir(std::string const &User) +{ + // no need/possibility to drop privs + if(getuid() != 0 || User.empty() || User == "root") + return GetTempDir(); + + struct passwd const * const pw = getpwnam(User.c_str()); + if (pw == NULL) + return GetTempDir(); + + gid_t const old_euid = geteuid(); + gid_t const old_egid = getegid(); + if (setegid(pw->pw_gid) != 0) + _error->Errno("setegid", "setegid %u failed", pw->pw_gid); + if (seteuid(pw->pw_uid) != 0) + _error->Errno("seteuid", "seteuid %u failed", pw->pw_uid); + + std::string const tmp = GetTempDir(); + + if (seteuid(old_euid) != 0) + _error->Errno("seteuid", "seteuid %u failed", old_euid); + if (setegid(old_egid) != 0) + _error->Errno("setegid", "setegid %u failed", old_egid); + + return tmp; } /*}}}*/ FileFd* GetTempFile(std::string const &Prefix, bool ImmediateUnlink, FileFd * const TmpFd) /*{{{*/ @@ -2208,11 +2234,14 @@ bool Popen(const char* Args[], FileFd &Fd, pid_t &Child, FileFd::OpenMode Mode)/ { close(Pipe[1]); fd = Pipe[0]; - } else if(Mode == FileFd::WriteOnly) + } + else if(Mode == FileFd::WriteOnly) { close(Pipe[0]); fd = Pipe[1]; } + else + return _error->Error("Popen supports ReadOnly (x)or WriteOnly mode only"); Fd.OpenDescriptor(fd, Mode, FileFd::None, true); return true;