author | Cedric Berger <cedric@cvs.openbsd.org> | 2004-04-09 12:42:07 +0000 |
---|---|---|
committer | Cedric Berger <cedric@cvs.openbsd.org> | 2004-04-09 12:42:07 +0000 |
commit | 166a2e1658bc097fe1406e491200f9b6dac4604d (patch) | |
tree | c21c041c7f2a9d11a4ecea8c5078581627e67f6a /sbin | |
parent | 31e7eb082672d48e83df935c46a2cfe2bae838fe (diff) |
Do not try to load directories. found+ok mpech@
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/pfctl/pfctl.c | 26 | ||||
-rw-r--r-- | sbin/pfctl/pfctl.h | 3 | ||||
-rw-r--r-- | sbin/pfctl/pfctl_osfp.c | 6 | ||||
-rw-r--r-- | sbin/pfctl/pfctl_radix.c | 4 |
4 files changed, 31 insertions, 8 deletions
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c
index e13e1f44bfc..d2d127bf60d 100644
--- a/sbin/pfctl/pfctl.c
+++ b/sbin/pfctl/pfctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.c,v 1.213 2004/03/20 09:31:42 david Exp $ */
+/* $OpenBSD: pfctl.c,v 1.214 2004/04/09 12:42:06 cedric Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -34,6 +34,7 @@
 #include <sys/types.h>
 #include <sys/ioctl.h>
 #include <sys/socket.h>
+#include <sys/stat.h>
 #include <net/if.h>
 #include <netinet/in.h>
@@ -1061,7 +1062,7 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname,
 fin = stdin;
 infile = "stdin";
 } else {
- if ((fin = fopen(filename, "r")) == NULL) {
+ if ((fin = pfctl_fopen(filename, "r")) == NULL) {
 warn("%s", filename);
 return (1);
 }
@@ -1150,6 +1151,27 @@ _error:
 #undef ERRX
 }
+FILE *
+pfctl_fopen(const char *name, const char *mode)
+{
+ struct stat st;
+ FILE *fp;
+
+ fp = fopen(name, mode);
+ if (fp == NULL)
+ return (NULL);
+ if (fstat(fileno(fp), &st)) {
+ fclose(fp);
+ return (NULL);
+ }
+ if (S_ISDIR(st.st_mode)) {
+ fclose(fp);
+ errno = EISDIR;
+ return (NULL);
+ }
+ return (fp);
+}
+
 int
 pfctl_set_limit(struct pfctl *pf, const char *opt, unsigned int limit)
 {
diff --git a/sbin/pfctl/pfctl.h b/sbin/pfctl/pfctl.h
index dd39abab319..998fd2b5cb5 100644
--- a/sbin/pfctl/pfctl.h
+++ b/sbin/pfctl/pfctl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl.h,v 1.33 2004/02/19 21:37:01 cedric Exp $ */
+/* $OpenBSD: pfctl.h,v 1.34 2004/04/09 12:42:06 cedric Exp $ */
 /*
 * Copyright (c) 2001 Daniel Hartmeier
@@ -86,6 +86,7 @@ int pfctl_command_tables(int, char *[], char *, const char *, char *,
 int pfctl_show_altq(int, const char *, int, int);
 void warn_namespace_collision(const char *);
 int pfctl_show_ifaces(const char *, int);
+FILE *pfctl_fopen(const char *, const char *);
 #ifndef DEFAULT_PRIORITY
 #define DEFAULT_PRIORITY 1
diff --git a/sbin/pfctl/pfctl_osfp.c b/sbin/pfctl/pfctl_osfp.c
index 6d1fb990257..9276274dce8 100644
--- a/sbin/pfctl/pfctl_osfp.c
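Review bot: In pfctl_fopen() (sbin/pfctl/pfctl.c, the `@@ -1150,6 +1151,27 @@` hunk), the fstat() failure path calls fclose(fp) before returning, and fclose() may overwrite errno, so the callers' `warn("%s", filename)` can print a misleading reason; save and restore it around the close, e.g. `int save_errno = errno; fclose(fp); errno = save_errno;`. The function has no comment; something like `/* fopen(3) wrapper that fails with EISDIR on a directory; the type is checked with fstat(2) on the already-open descriptor, so the test cannot race with the path being replaced. */` would record why the check is done after the open rather than with stat(2) before it. Only directories are refused, so other non-regular files (FIFOs, device nodes) are still opened and read by a tool that normally runs with root privileges; whether a stricter `S_ISREG` test is acceptable depends on inputs that are not visible in this diff. The new code assigns errno, so pfctl.c needs <errno.h>, which is presumably already included outside the hunk.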
+++ b/sbin/pfctl/pfctl_osfp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_osfp.c,v 1.8 2004/02/27 10:42:00 henning Exp $ */
+/* $OpenBSD: pfctl_osfp.c,v 1.9 2004/04/09 12:42:06 cedric Exp $ */
 /*
 * Copyright (c) 2003 Mike Frantzen <frantzen@openbsd.org>
@@ -97,8 +97,8 @@ pfctl_file_fingerprints(int dev, int opts, const char *fp_filename)
 pfctl_flush_my_fingerprints(&classes);
- if ((in = fopen(fp_filename, "r")) == NULL) {
- warn("fopen(%s)", fp_filename);
+ if ((in = pfctl_fopen(fp_filename, "r")) == NULL) {
+ warn("%s", fp_filename);
 return (1);
 }
 class = version = subtype = desc = tcpopts = NULL;
diff --git a/sbin/pfctl/pfctl_radix.c b/sbin/pfctl/pfctl_radix.c
index 04fb4872ef6..c08496bf8b8 100644
--- a/sbin/pfctl/pfctl_radix.c
+++ b/sbin/pfctl/pfctl_radix.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfctl_radix.c,v 1.24 2004/02/10 18:29:30 henning Exp $ */
+/* $OpenBSD: pfctl_radix.c,v 1.25 2004/04/09 12:42:06 cedric Exp $ */
 /*
 * Copyright (c) 2002 Cedric Berger
@@ -605,7 +605,7 @@ pfr_buf_load(struct pfr_buffer *b, char *file, int nonetwork,
 if (!strcmp(file, "-"))
 fp = stdin;
 else {
- fp = fopen(file, "r");
+ fp = pfctl_fopen(file, "r");
 if (fp == NULL)
 return (-1);
 } |