X-Git-Url: https://git.saurik.com/wxWidgets.git/blobdiff_plain/f4d7250ef13f19ad01776c7824c54747cbf9361f..9d5507f7a2701395e1d5c121bd877bb9066ee6ea:/src/unix/snglinst.cpp diff --git a/src/unix/snglinst.cpp b/src/unix/snglinst.cpp index 9cc4155e80..26bab35d8b 100644 --- a/src/unix/snglinst.cpp +++ b/src/unix/snglinst.cpp @@ -1,5 +1,5 @@ /////////////////////////////////////////////////////////////////////////////// -// Name: unix/snglinst.cpp +// Name: src/unix/snglinst.cpp // Purpose: implements wxSingleInstanceChecker class for Unix using // lock files with fcntl(2) or flock(2) // Author: Vadim Zeitlin @@ -7,7 +7,7 @@ // Created: 09.06.01 // RCS-ID: $Id$ // Copyright: (c) 2001 Vadim Zeitlin -// License: wxWindows license +// License: wxWindows licence /////////////////////////////////////////////////////////////////////////////// // ============================================================================ @@ -18,10 +18,6 @@ // headers // ---------------------------------------------------------------------------- -#ifdef __GNUG__ - #pragma implementation "snglinst.h" -#endif - // For compilers that support precompilation, includes "wx.h". #include "wx/wxprec.h" @@ -35,10 +31,10 @@ #include "wx/string.h" #include "wx/log.h" #include "wx/intl.h" - #include "wx/file.h" + #include "wx/utils.h" // wxGetHomeDir() #endif //WX_PRECOMP -#include "wx/utils.h" // wxGetHomeDir() +#include "wx/file.h" #include "wx/snglinst.h" @@ -89,9 +85,9 @@ static int wxLockFile(int fd, LockOperation lock) fl.l_type = lock == LOCK ? F_WRLCK : F_UNLCK; // lock the entire file - fl.l_whence = fl.l_start = - fl.l_len = 0; + fl.l_len = + fl.l_whence = 0; // is this needed? fl.l_pid = getpid(); @@ -151,7 +147,7 @@ private: LockResult wxSingleInstanceCheckerImpl::CreateLockFile() { // try to open the file - m_fdLock = open(m_nameLock, + m_fdLock = open(m_nameLock.fn_str(), O_WRONLY | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR); @@ -180,6 +176,17 @@ LockResult wxSingleInstanceCheckerImpl::CreateLockFile() fsync(m_fdLock); + // change file's permission so that only this user can access it: + if ( chmod(m_nameLock.fn_str(), S_IRUSR | S_IWUSR) != 0 ) + { + wxLogSysError(_("Failed to set permissions on lock file '%s'"), + m_nameLock.c_str()); + + Unlock(); + + return LOCK_ERROR; + } + return LOCK_CREATED; } else // failure: see what exactly happened @@ -192,7 +199,7 @@ LockResult wxSingleInstanceCheckerImpl::CreateLockFile() wxLogSysError(_("Failed to lock the lock file '%s'"), m_nameLock.c_str()); - unlink(m_nameLock); + unlink(m_nameLock.fn_str()); return LOCK_ERROR; } @@ -219,11 +226,31 @@ bool wxSingleInstanceCheckerImpl::Create(const wxString& name) case LOCK_CREATED: // nothing more to do - return TRUE; + return true; case LOCK_ERROR: // oops... - return FALSE; + return false; + } + + // Check if the file is owned by current user and has 0600 permissions. + // If it doesn't, it's a fake file, possibly meant as a DoS attack, and + // so we refuse to touch it: + wxStructStat stats; + if ( wxStat(name, &stats) != 0 ) + { + wxLogSysError(_("Failed to inspect the lock file '%s'"), name.c_str()); + return false; + } + if ( stats.st_uid != getuid() ) + { + wxLogError(_("Lock file '%s' has incorrect owner."), name.c_str()); + return false; + } + if ( stats.st_mode != (S_IFREG | S_IRUSR | S_IWUSR) ) + { + wxLogError(_("Lock file '%s' has incorrect permissions."), name.c_str()); + return false; } // try to open the file for reading and get the PID of the process @@ -242,11 +269,11 @@ bool wxSingleInstanceCheckerImpl::Create(const wxString& name) // rarely in practice that we don't care wxLogError(_("Failed to access lock file.")); - return FALSE; + return false; } char buf[256]; - off_t count = file.Read(buf, WXSIZEOF(buf)); + ssize_t count = file.Read(buf, WXSIZEOF(buf)); if ( count == wxInvalidOffset ) { wxLogError(_("Failed to read PID from lock file.")); @@ -257,12 +284,12 @@ bool wxSingleInstanceCheckerImpl::Create(const wxString& name) { if ( kill(m_pidLocker, 0) != 0 ) { - if ( unlink(name) != 0 ) + if ( unlink(name.fn_str()) != 0 ) { wxLogError(_("Failed to remove stale lock file '%s'."), name.c_str()); - // return TRUE in this case for now... + // return true in this case for now... } else { @@ -281,7 +308,7 @@ bool wxSingleInstanceCheckerImpl::Create(const wxString& name) } } - // return TRUE if we could get the PID of the process owning the lock file + // return true if we could get the PID of the process owning the lock file // (whether it is still running or not), FALSE otherwise as it is // unexpected return m_pidLocker != 0; @@ -291,7 +318,7 @@ void wxSingleInstanceCheckerImpl::Unlock() { if ( m_fdLock != -1 ) { - if ( unlink(m_nameLock) != 0 ) + if ( unlink(m_nameLock.fn_str()) != 0 ) { wxLogSysError(_("Failed to remove lock file '%s'"), m_nameLock.c_str()); @@ -346,7 +373,7 @@ bool wxSingleInstanceChecker::Create(const wxString& name, bool wxSingleInstanceChecker::IsAnotherRunning() const { - wxCHECK_MSG( m_impl, FALSE, _T("must call Create() first") ); + wxCHECK_MSG( m_impl, false, _T("must call Create() first") ); // if another instance is running, it must own the lock file - otherwise // we have it and the locker PID is ours one @@ -359,4 +386,3 @@ wxSingleInstanceChecker::~wxSingleInstanceChecker() } #endif // wxUSE_SNGLINST_CHECKER -