From 2584521c67952855ba20c7c61b701a34ba57615c Mon Sep 17 00:00:00 2001
From: Michael Rash
Date: Thu, 30 Aug 2012 21:43:53 -0400
Subject: [PATCH] Run verify_file_perms_ownership() on fwknop.pid only if it exists

Two bugs are fixed with this commit: verify permissions/ownership on the fwknop.pid file only if it exists, and ensure to ru-run stat() on any directory component if we're creating a directory.
---
 server/fwknopd.c | 20 ++++++++++++++++----
 1 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/server/fwknopd.c b/server/fwknopd.c
index ec49d32..f66ef81 100644
--- a/server/fwknopd.c
+++ b/server/fwknopd.c
@@ -496,10 +496,22 @@ make_dir_path(const char *run_dir)
 if(stat(tmp_path, &st) != 0)
 {
 if(errno == ENOENT)
+ {
 res = mkdir(tmp_path, S_IRWXU);
-
- if(res != 0)
- return res;
+ if(res != 0)
+ return res;
+
+ /* run stat() against the component since we just
+ * created it
+ */
+ if(stat(tmp_path, &st) != 0)
+ {
+ log_msg(LOG_ERR,
+ "Could not create component: %s of %s\n\n", tmp_path, run_dir
+ );
+ return(ENOTDIR);
+ }
+ }
 }
 if(! S_ISDIR(st.st_mode))
@@ -664,12 +676,12 @@ get_running_pid(const fko_srv_options_t *opts)
 char buf[PID_BUFLEN] = {0};
 pid_t rpid = 0;
- verify_file_perms_ownership(opts->config[CONF_FWKNOP_PID_FILE]);
 op_fd = open(opts->config[CONF_FWKNOP_PID_FILE], O_RDONLY);
 if(op_fd > 0)
 {
+ verify_file_perms_ownership(opts->config[CONF_FWKNOP_PID_FILE]);
 if (read(op_fd, buf, PID_BUFLEN) > 0)
 {
 buf[PID_BUFLEN-1] = '\0';
-- 
1.7.5.4
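Review bot: In make_dir_path(), a first stat() failure with any errno other than ENOENT (EACCES, ELOOP, ENAMETOOLONG) skips the new braced block and still reaches `S_ISDIR(st.st_mode)`, where `st` was not filled in by that call. The directory test then runs on stale or indeterminate data; closing the ENOENT block with `else return(errno);` would stop that, assuming callers treat any non-zero return as failure, as `return res` and `return(ENOTDIR)` suggest. The second stat() failure is logged as "Could not create component" although mkdir() has just succeeded, so logging the errno there would make the real cause visible. Because stat() follows symbolic links, a component that is a symlink to a directory also passes the S_ISDIR test; `lstat()` would reject it if that is not intended. The function starts and ends outside this hunk, so the declaration of `st` and the loop around these lines are not visible here.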
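Review bot: In get_running_pid(), the relocated `verify_file_perms_ownership()` call still has its result discarded and checks the file by path after `open()` has already returned `op_fd`, so the file that is checked is not guaranteed to be the one that is read. If the helper is meant to be more than advisory (its definition is outside this hunk), gate the `read()` on a descriptor-based check, for example `if(fstat(op_fd, &st) != 0 || (st.st_mode & (S_IWGRP|S_IWOTH))) { close(op_fd); return(rpid); }` with a local `struct stat st`. Separately, `if(op_fd > 0)` treats descriptor 0 as a failure, although open() can validly return 0 when stdin has been closed, which is plausible for a daemon; `if(op_fd >= 0)` is the usual test. The function body continues outside the hunk.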