From owner-svn-src-all@FreeBSD.ORG Tue Sep 16 00:56:48 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 93FCDDCD; Tue, 16 Sep 2014 00:56:48 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7ED19A2F; Tue, 16 Sep 2014 00:56:48 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s8G0um3X017813; Tue, 16 Sep 2014 00:56:48 GMT (envelope-from ngie@FreeBSD.org) Received: (from ngie@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s8G0ulaf017811; Tue, 16 Sep 2014 00:56:47 GMT (envelope-from ngie@FreeBSD.org) Message-Id: <201409160056.s8G0ulaf017811@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: ngie set sender to ngie@FreeBSD.org using -f From: Garrett Cooper Date: Tue, 16 Sep 2014 00:56:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r271655 - in head: lib/libc/sys sys/kern X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Sep 2014 00:56:48 -0000 Author: ngie Date: Tue Sep 16 00:56:47 2014 New Revision: 271655 URL: http://svnweb.freebsd.org/changeset/base/271655 Log: Validate the mode argument in access, eaccess, and faccessat for optional POSIX compliance and to improve compatibility with Linux and NetBSD The issue was identified with lib/libc/sys/t_access:access_inval from NetBSD Update the manpage accordingly PR: 181155 Reviewed by: jilles (code), jmmv (code), wblock (manpage), wollman (code) MFC after: 4 weeks Phabric: D678 (code), D786 (manpage) Sponsored by: EMC / Isilon Storage Division Modified: head/lib/libc/sys/access.2 head/sys/kern/vfs_syscalls.c Modified: head/lib/libc/sys/access.2 ============================================================================== --- head/lib/libc/sys/access.2 Tue Sep 16 00:11:01 2014 (r271654) +++ head/lib/libc/sys/access.2 Tue Sep 16 00:56:47 2014 (r271655) @@ -133,8 +133,16 @@ and .Sh RETURN VALUES .Rv -std .Sh ERRORS -Access to the file is denied if: +.Fn access , +.Fn eaccess , +or +.Fn faccessat +will fail if: .Bl -tag -width Er +.It Bq Er EINVAL +The value of the +.Fa mode +argument is invalid. .It Bq Er ENOTDIR A component of the path prefix is not a directory. .It Bq Er ENAMETOOLONG Modified: head/sys/kern/vfs_syscalls.c ============================================================================== --- head/sys/kern/vfs_syscalls.c Tue Sep 16 00:11:01 2014 (r271654) +++ head/sys/kern/vfs_syscalls.c Tue Sep 16 00:56:47 2014 (r271655) @@ -2055,6 +2055,9 @@ kern_accessat(struct thread *td, int fd, cap_rights_t rights; int error; + if (amode != F_OK && (amode & ~(R_OK | W_OK | X_OK)) != 0) + return (EINVAL); + /* * Create and modify a temporary credential instead of one that * is potentially shared.