[PATCH 1/2] alpm: test access of symlinks not where they point
Fixes FS#69720 --- lib/libalpm/util.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c index 299d287e..e7b049ce 100644 --- a/lib/libalpm/util.c +++ b/lib/libalpm/util.c @@ -1342,11 +1342,11 @@ int _alpm_access(alpm_handle_t *handle, const char *dir, const char *file, int a CALLOC(check_path, len, sizeof(char), RET_ERR(handle, ALPM_ERR_MEMORY, -1)); snprintf(check_path, len, "%s%s", dir, file); - ret = access(check_path, amode); + ret = faccessat(AT_FDCWD, check_path, amode, AT_SYMLINK_NOFOLLOW); free(check_path); } else { dir = ""; - ret = access(file, amode); + ret = faccessat(AT_FDCWD, file, amode, AT_SYMLINK_NOFOLLOW); } if(ret != 0) { -- 2.33.0
When removing files we check _alpm_access() to see if we can write (delete) the file. If not, we check if the file exists because if the file does not exist then we don't actually need to remove it so there's no issue. However the second call uses acess() instead of _alpm_access() which does not the rootdir into account. --- lib/libalpm/remove.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libalpm/remove.c b/lib/libalpm/remove.c index de39724a..958374a5 100644 --- a/lib/libalpm/remove.c +++ b/lib/libalpm/remove.c @@ -332,7 +332,7 @@ static int can_remove_file(alpm_handle_t *handle, const alpm_file_t *file) /* If we fail write permissions due to a read-only filesystem, abort. * Assume all other possible failures are covered somewhere else */ if(_alpm_access(handle, NULL, filepath, W_OK) == -1) { - if(errno != EACCES && errno != ETXTBSY && access(filepath, F_OK) == 0) { + if(errno != EACCES && errno != ETXTBSY && _alpm_access(handle, NULL, filepath, F_OK) == 0) { /* only return failure if the file ACTUALLY exists and we can't write to * it - ignore "chmod -w" simple permission failures */ _alpm_log(handle, ALPM_LOG_ERROR, _("cannot remove file '%s': %s\n"), -- 2.33.0
On 10/01/21 at 11:00pm, morganamilo wrote:
Fixes FS#69720 --- lib/libalpm/util.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/libalpm/util.c b/lib/libalpm/util.c index 299d287e..e7b049ce 100644 --- a/lib/libalpm/util.c +++ b/lib/libalpm/util.c @@ -1342,11 +1342,11 @@ int _alpm_access(alpm_handle_t *handle, const char *dir, const char *file, int a CALLOC(check_path, len, sizeof(char), RET_ERR(handle, ALPM_ERR_MEMORY, -1)); snprintf(check_path, len, "%s%s", dir, file);
- ret = access(check_path, amode); + ret = faccessat(AT_FDCWD, check_path, amode, AT_SYMLINK_NOFOLLOW); free(check_path); } else { dir = ""; - ret = access(file, amode); + ret = faccessat(AT_FDCWD, file, amode, AT_SYMLINK_NOFOLLOW); }
if(ret != 0) {
AT_SYMLINK_NOFOLLOW is a Linux extension.
participants (2)
-
Andrew Gregory
-
morganamilo