Date: Sun, 10 Feb 2013 18:56:38 +0000 (UTC) From: Jilles Tjoelker <jilles@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r246628 - head/usr.bin/find Message-ID: <201302101856.r1AIucZ4071718@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jilles Date: Sun Feb 10 18:56:37 2013 New Revision: 246628 URL: http://svnweb.freebsd.org/changeset/base/246628 Log: find: Run when cwd cannot be opened, except with -execdir or -delete. fts(3) can run (albeit more slowly and imposing the {PATH_MAX} limit) when the current directory cannot be opened. Therefore, do not make a failure to open the current directory (for returning to it later in -exec) fatal. If -execdir or -delete are used, the expectation is that fts(3) will use chdir to avoid race conditions (except for -execdir with -L). Do not break this expectation any more than it already is by still failing if the current directory cannot be opened. Modified: head/usr.bin/find/function.c head/usr.bin/find/main.c Modified: head/usr.bin/find/function.c ============================================================================== --- head/usr.bin/find/function.c Sun Feb 10 17:58:44 2013 (r246627) +++ head/usr.bin/find/function.c Sun Feb 10 18:56:37 2013 (r246628) @@ -472,6 +472,14 @@ c_delete(OPTION *option, char ***argvp _ isoutput = 1; /* possible output */ isdepth = 1; /* -depth implied */ + /* + * Try to avoid the confusing error message about relative paths + * being potentially not safe. + */ + if (ftsoptions & FTS_NOCHDIR) + errx(1, "%s: forbidden when the current directory cannot be opened", + "-delete"); + return palloc(option); } @@ -644,7 +652,8 @@ doexec: if ((plan->flags & F_NEEDOK) && /* NOTREACHED */ case 0: /* change dir back from where we started */ - if (!(plan->flags & F_EXECDIR) && fchdir(dotfd)) { + if (!(plan->flags & F_EXECDIR) && + !(ftsoptions & FTS_NOCHDIR) && fchdir(dotfd)) { warn("chdir"); _exit(1); } @@ -677,6 +686,11 @@ c_exec(OPTION *option, char ***argvp) int cnt, i; char **argv, **ap, **ep, *p; + /* This would defeat -execdir's intended security. */ + if (option->flags & F_EXECDIR && ftsoptions & FTS_NOCHDIR) + errx(1, "%s: forbidden when the current directory cannot be opened", + "-execdir"); + /* XXX - was in c_execdir, but seems unnecessary!? ftsoptions &= ~FTS_NOSTAT; */ Modified: head/usr.bin/find/main.c ============================================================================== --- head/usr.bin/find/main.c Sun Feb 10 17:58:44 2013 (r246627) +++ head/usr.bin/find/main.c Sun Feb 10 18:56:37 2013 (r246628) @@ -152,7 +152,7 @@ main(int argc, char *argv[]) *p = NULL; if ((dotfd = open(".", O_RDONLY | O_CLOEXEC, 0)) < 0) - err(1, "."); + ftsoptions |= FTS_NOCHDIR; exit(find_execute(find_formplan(argv), start)); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201302101856.r1AIucZ4071718>