ref: d5928fb515f73ab0d530799654738dedcbfb6279
parent: 6c29cf79f073c71b1e0db1a9f713c52803ba32f7
parent: f7e21d7692e619e9a926f29f2d59906c0d7ef072
author: cinap_lenrek <[email protected]>
date: Mon Dec 7 11:48:19 EST 2020
merge
--- a/sys/src/libauth/auth_challenge.c
+++ b/sys/src/libauth/auth_challenge.c
@@ -23,7 +23,7 @@
return nil;
}
- if((c->afd = open("/mnt/factotum/rpc", ORDWR)) < 0){+ if((c->afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC)) < 0){Error:
auth_freechal(c);
free(p);
--- a/sys/src/libauth/auth_chuid.c
+++ b/sys/src/libauth/auth_chuid.c
@@ -16,7 +16,7 @@
}
/* change uid */
- fd = open("#¤/capuse", OWRITE);+ fd = open("#¤/capuse", OWRITE|OCEXEC); if(fd < 0){ werrstr("opening #¤/capuse: %r");return -1;
@@ -29,10 +29,10 @@
}
/* get a link to factotum as new user */
- fd = open("/srv/factotum", ORDWR);+ fd = open("/srv/factotum", ORDWR|OCEXEC); if(fd >= 0){- mount(fd, -1, "/mnt", MREPL, "");
- close(fd);
+ if(mount(fd, -1, "/mnt", MREPL, "") == -1)
+ close(fd);
}
/* set up new namespace */
--- a/sys/src/libauth/auth_getuserpasswd.c
+++ b/sys/src/libauth/auth_getuserpasswd.c
@@ -32,12 +32,11 @@
UserPasswd *up;
up = nil;
- rpc = nil;
params = nil;
- fd = open("/mnt/factotum/rpc", ORDWR);+ fd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);if(fd < 0)
- goto out;
+ return nil;
rpc = auth_allocrpc(fd);
if(rpc == nil)
goto out;
@@ -69,7 +68,7 @@
out:
free(params);
- auth_freerpc(rpc);
close(fd);
+ auth_freerpc(rpc);
return up;
}
--- a/sys/src/libauth/auth_proxy.c
+++ b/sys/src/libauth/auth_proxy.c
@@ -200,7 +200,7 @@
va_end(arg);
ai = nil;
- afd = open("/mnt/factotum/rpc", ORDWR);+ afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC); if(afd < 0){ werrstr("opening /mnt/factotum/rpc: %r");free(p);
--- a/sys/src/libauth/auth_respond.c
+++ b/sys/src/libauth/auth_respond.c
@@ -31,7 +31,7 @@
AuthRpc *rpc;
Attr *a;
- if((afd = open("/mnt/factotum/rpc", ORDWR)) < 0)+ if((afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC)) < 0)return -1;
if((rpc = auth_allocrpc(afd)) == nil){--- a/sys/src/libauth/auth_userpasswd.c
+++ b/sys/src/libauth/auth_userpasswd.c
@@ -11,7 +11,7 @@
char *s;
int afd;
- afd = open("/mnt/factotum/rpc", ORDWR);+ afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);if(afd < 0)
return nil;
ai = nil;
--- a/sys/src/libauth/newns.c
+++ b/sys/src/libauth/newns.c
@@ -41,7 +41,7 @@
rpc = nil;
/* try for factotum now because later is impossible */
- afd = open("/mnt/factotum/rpc", ORDWR);+ afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);if(afd < 0 && newnsdebug)
fprint(2, "open /mnt/factotum/rpc: %r\n");
if(afd >= 0){@@ -58,8 +58,8 @@
}
file = "/lib/namespace";
}
- b = Bopen(file, OREAD);
- if(b == 0){+ b = Bopen(file, OREAD|OCEXEC);
+ if(b == nil){ werrstr("can't open %s: %r", file);return freecloserpc(rpc);
}
@@ -135,6 +135,8 @@
auth_freeAI(ai);
}
ret = mount(fd, afd, mntpt, flags, aname);
+ if(ret == -1)
+ close(fd);
if(afd >= 0)
close(afd);
return ret;
@@ -151,7 +153,7 @@
cdroot = 0;
flags = 0;
- argv0 = 0;
+ argv0 = nil;
if(newnsdebug){for (i = 0; i < argc; i++)
fprint(2, "%s ", argv[i]);
@@ -176,7 +178,7 @@
flags |= MREPL;
if(strcmp(argv0, ".") == 0 && argc == 1){- b = Bopen(argv[0], OREAD);
+ b = Bopen(argv[0], OREAD|OCEXEC);
if(b == nil)
return 0;
cdroot |= nsfile(fn, b, rpc);
@@ -192,7 +194,7 @@
else if(argc == 2)
unmount(argv[0], argv[1]);
}else if(strcmp(argv0, "mount") == 0){- fd = open(argv[0], ORDWR);
+ fd = open(argv[0], ORDWR|OCEXEC);
if(fd < 0){if(newnsdebug)
fprint(2, "%s: mount: %s: %r\n", fn, argv[0]);
@@ -204,8 +206,9 @@
}else if(argc == 3){if(famount(fd, rpc, argv[1], flags, argv[2]) == -1 && newnsdebug)
fprint(2, "%s: mount: %s %s %s: %r\n", fn, argv[0], argv[1], argv[2]);
+ } else {+ close(fd);
}
- close(fd);
}else if(strcmp(argv0, "cd") == 0 && argc == 1){if(chdir(argv[0]) == 0 && *argv[0] == '/')
cdroot = 1;
@@ -316,7 +319,7 @@
strcpy(env, "#e/");
strncpy(env+3, p, len);
env[3+len] = '\0';
- fd = open(env, OREAD);
+ fd = open(env, OREAD|OCEXEC);
if(fd >= 0){len = read(fd, &buf[n], ANAMELEN - 1);
/* some singleton environment variables have trailing NULs */
@@ -345,7 +348,7 @@
long s;
sprint(ename, "#e/%s", name);
- f = create(ename, OWRITE, 0664);
+ f = create(ename, OWRITE|OCEXEC, 0664);
if(f < 0)
return -1;
s = strlen(val);
--- a/sys/src/libauth/noworld.c
+++ b/sys/src/libauth/noworld.c
@@ -15,7 +15,7 @@
char *p;
int n;
- b = Bopen("/adm/users", OREAD);+ b = Bopen("/adm/users", OREAD|OCEXEC);if(b == nil)
return 0;
while((p = Brdline(b, '\n')) != nil){--- a/sys/src/libauthsrv/readcons.c
+++ b/sys/src/libauthsrv/readcons.c
@@ -13,13 +13,13 @@
s = p = nil;
fdout = ctl = -1;
- if((fdin = open("/dev/cons", OREAD)) < 0)+ if((fdin = open("/dev/cons", OREAD|OCEXEC)) < 0)goto Out;
- if((fdout = open("/dev/cons", OWRITE)) < 0)+ if((fdout = open("/dev/cons", OWRITE|OCEXEC)) < 0)goto Out;
if(raw){- if((ctl = open("/dev/consctl", OWRITE)) < 0)+ if((ctl = open("/dev/consctl", OWRITE|OCEXEC)) < 0)goto Out;
write(ctl, "rawon", 5);
}
--- a/sys/src/libauthsrv/readnvram.c
+++ b/sys/src/libauthsrv/readnvram.c
@@ -91,9 +91,9 @@
v[0] = "";
v[1] = nil;
}
- fd = open(v[0], ORDWR);
+ fd = open(v[0], ORDWR|OCEXEC);
if (fd < 0)
- fd = open(v[0], OREAD);
+ fd = open(v[0], OREAD|OCEXEC);
safelen = sizeof(Nvrsafe);
if(strstr(v[0], "/9fat") == nil)
safeoff = 0;
@@ -120,7 +120,7 @@
for(i=0; i<nelem(nvtab); i++){if(strcmp(cputype, nvtab[i].cputype) != 0)
continue;
- if((fd = open(nvtab[i].file, ORDWR)) < 0)
+ if((fd = open(nvtab[i].file, ORDWR|OCEXEC)) < 0)
continue;
safeoff = nvtab[i].off;
safelen = nvtab[i].len;
--- a/sys/src/libdraw/readcolmap.c
+++ b/sys/src/libdraw/readcolmap.c
@@ -27,8 +27,8 @@
USED(screen);
sprint(buf, "/dev/draw/%d/colormap", d->dirno);
- b = Bopen(buf, OREAD);
- if(b == 0)
+ b = Bopen(buf, OREAD|OCEXEC);
+ if(b == nil)
drawerror(d, "rdcolmap: can't open colormap device");
for(;;) {