mirror of
https://github.com/moparisthebest/curl
synced 2025-01-11 05:58:01 -05:00
curl: improve the existing file check with -J
Previously a file that isn't user-readable but is user-writable would not be properly avoided and would get overwritten. Reported-by: BrumBrum on hackerone Assisted-by: Jay Satiro Bug: https://hackerone.com/reports/926638 Closes #5731
This commit is contained in:
parent
2b6b843bb1
commit
81b4e99b1e
@ -456,6 +456,16 @@ FILE *curl_dbg_fopen(const char *file, const char *mode,
|
|||||||
return res;
|
return res;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
FILE *curl_dbg_fdopen(int filedes, const char *mode,
|
||||||
|
int line, const char *source)
|
||||||
|
{
|
||||||
|
FILE *res = fdopen(filedes, mode);
|
||||||
|
if(source)
|
||||||
|
curl_dbg_log("FILE %s:%d fdopen(\"%d\",\"%s\") = %p\n",
|
||||||
|
source, line, filedes, mode, (void *)res);
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
|
||||||
int curl_dbg_fclose(FILE *file, int line, const char *source)
|
int curl_dbg_fclose(FILE *file, int line, const char *source)
|
||||||
{
|
{
|
||||||
int res;
|
int res;
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
* | (__| |_| | _ <| |___
|
* | (__| |_| | _ <| |___
|
||||||
* \___|\___/|_| \_\_____|
|
* \___|\___/|_| \_\_____|
|
||||||
*
|
*
|
||||||
* Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
|
* Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||||
*
|
*
|
||||||
* This software is licensed as described in the file COPYING, which
|
* This software is licensed as described in the file COPYING, which
|
||||||
* you should have received as part of this distribution. The terms
|
* you should have received as part of this distribution. The terms
|
||||||
@ -79,6 +79,9 @@ CURL_EXTERN RECV_TYPE_RETV curl_dbg_recv(RECV_TYPE_ARG1 sockfd,
|
|||||||
/* FILE functions */
|
/* FILE functions */
|
||||||
CURL_EXTERN FILE *curl_dbg_fopen(const char *file, const char *mode, int line,
|
CURL_EXTERN FILE *curl_dbg_fopen(const char *file, const char *mode, int line,
|
||||||
const char *source);
|
const char *source);
|
||||||
|
CURL_EXTERN FILE *curl_dbg_fdopen(int filedes, const char *mode,
|
||||||
|
int line, const char *source);
|
||||||
|
|
||||||
CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *source);
|
CURL_EXTERN int curl_dbg_fclose(FILE *file, int line, const char *source);
|
||||||
|
|
||||||
#ifndef MEMDEBUG_NODEFINES
|
#ifndef MEMDEBUG_NODEFINES
|
||||||
|
@ -21,6 +21,11 @@
|
|||||||
***************************************************************************/
|
***************************************************************************/
|
||||||
#include "tool_setup.h"
|
#include "tool_setup.h"
|
||||||
|
|
||||||
|
#ifdef HAVE_FCNTL_H
|
||||||
|
/* for open() */
|
||||||
|
#include <fcntl.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#define ENABLE_CURLX_PRINTF
|
#define ENABLE_CURLX_PRINTF
|
||||||
/* use our own printf() functions */
|
/* use our own printf() functions */
|
||||||
#include "curlx.h"
|
#include "curlx.h"
|
||||||
@ -37,7 +42,7 @@ bool tool_create_output_file(struct OutStruct *outs,
|
|||||||
struct OperationConfig *config)
|
struct OperationConfig *config)
|
||||||
{
|
{
|
||||||
struct GlobalConfig *global;
|
struct GlobalConfig *global;
|
||||||
FILE *file;
|
FILE *file = NULL;
|
||||||
DEBUGASSERT(outs);
|
DEBUGASSERT(outs);
|
||||||
DEBUGASSERT(config);
|
DEBUGASSERT(config);
|
||||||
global = config->global;
|
global = config->global;
|
||||||
@ -48,17 +53,25 @@ bool tool_create_output_file(struct OutStruct *outs,
|
|||||||
|
|
||||||
if(outs->is_cd_filename) {
|
if(outs->is_cd_filename) {
|
||||||
/* don't overwrite existing files */
|
/* don't overwrite existing files */
|
||||||
file = fopen(outs->filename, "rb");
|
#ifndef O_BINARY
|
||||||
if(file) {
|
#define O_BINARY 0
|
||||||
fclose(file);
|
#endif
|
||||||
warnf(global, "Refusing to overwrite %s: %s\n", outs->filename,
|
int fd = open(outs->filename, O_CREAT | O_WRONLY | O_EXCL | O_BINARY,
|
||||||
strerror(EEXIST));
|
S_IRUSR | S_IWUSR
|
||||||
return FALSE;
|
#ifdef S_IRGRP
|
||||||
|
| S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH
|
||||||
|
#endif
|
||||||
|
);
|
||||||
|
if(fd != -1) {
|
||||||
|
file = fdopen(fd, "wb");
|
||||||
|
if(!file)
|
||||||
|
close(fd);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
/* open file for writing */
|
||||||
|
file = fopen(outs->filename, "wb");
|
||||||
|
|
||||||
/* open file for writing */
|
|
||||||
file = fopen(outs->filename, "wb");
|
|
||||||
if(!file) {
|
if(!file) {
|
||||||
warnf(global, "Failed to create the file %s: %s\n", outs->filename,
|
warnf(global, "Failed to create the file %s: %s\n", outs->filename,
|
||||||
strerror(errno));
|
strerror(errno));
|
||||||
|
Loading…
Reference in New Issue
Block a user