diff options
Diffstat (limited to 'src/ftee/main.c')
| -rw-r--r-- | src/ftee/main.c | 32 |
1 files changed, 12 insertions, 20 deletions
diff --git a/src/ftee/main.c b/src/ftee/main.c index e6aa5f567..2b27baa5a 100644 --- a/src/ftee/main.c +++ b/src/ftee/main.c | |||
| @@ -179,10 +179,6 @@ static int is_link(const char *fname) { | |||
| 179 | return 0; | 179 | return 0; |
| 180 | } | 180 | } |
| 181 | 181 | ||
| 182 | |||
| 183 | |||
| 184 | |||
| 185 | |||
| 186 | static void usage(void) { | 182 | static void usage(void) { |
| 187 | printf("Usage: ftee filename\n"); | 183 | printf("Usage: ftee filename\n"); |
| 188 | } | 184 | } |
| @@ -201,33 +197,25 @@ int main(int argc, char **argv) { | |||
| 201 | 197 | ||
| 202 | 198 | ||
| 203 | // do not accept directories, links, and files with ".." | 199 | // do not accept directories, links, and files with ".." |
| 204 | if (strstr(fname, "..") || is_link(fname) || is_dir(fname)) { | 200 | if (strstr(fname, "..") || is_link(fname) || is_dir(fname)) |
| 205 | fprintf(stderr, "Error: invalid output file. Links, directories and files with \"..\" are not allowed.\n"); | 201 | goto errexit; |
| 206 | exit(1); | ||
| 207 | } | ||
| 208 | 202 | ||
| 209 | struct stat s; | 203 | struct stat s; |
| 210 | if (stat(fname, &s) == 0) { | 204 | if (stat(fname, &s) == 0) { |
| 211 | // check permissions | 205 | // check permissions |
| 212 | if (s.st_uid != getuid() || s.st_gid != getgid()) { | 206 | if (s.st_uid != getuid() || s.st_gid != getgid()) |
| 213 | fprintf(stderr, "Error: the output file needs to be owned by the current user.\n"); | 207 | goto errexit; |
| 214 | exit(1); | ||
| 215 | } | ||
| 216 | 208 | ||
| 217 | // check hard links | 209 | // check hard links |
| 218 | if (s.st_nlink != 1) { | 210 | if (s.st_nlink != 1) |
| 219 | fprintf(stderr, "Error: no hard links allowed.\n"); | 211 | goto errexit; |
| 220 | exit(1); | ||
| 221 | } | ||
| 222 | } | 212 | } |
| 223 | 213 | ||
| 224 | // check if we can append to this file | 214 | // check if we can append to this file |
| 225 | /* coverity[toctou] */ | 215 | /* coverity[toctou] */ |
| 226 | FILE *fp = fopen(fname, "a"); | 216 | FILE *fp = fopen(fname, "a"); |
| 227 | if (!fp) { | 217 | if (!fp) |
| 228 | fprintf(stderr, "Error: cannot open output file %s\n", fname); | 218 | goto errexit; |
| 229 | exit(1); | ||
| 230 | } | ||
| 231 | fclose(fp); | 219 | fclose(fp); |
| 232 | 220 | ||
| 233 | 221 | ||
| @@ -248,4 +236,8 @@ int main(int argc, char **argv) { | |||
| 248 | 236 | ||
| 249 | log_close(); | 237 | log_close(); |
| 250 | return 0; | 238 | return 0; |
| 239 | |||
| 240 | errexit: | ||
| 241 | fprintf(stderr, "Error ftee: invalid output file.\n"); | ||
| 242 | return 1; | ||
| 251 | } | 243 | } |