summaryrefslogtreecommitdiff
path: root/usr.bin/signify/signify.c
diff options
context:
space:
mode:
authorTed Unangst <tedu@cvs.openbsd.org>2014-01-12 21:18:53 +0000
committerTed Unangst <tedu@cvs.openbsd.org>2014-01-12 21:18:53 +0000
commit50be524409eb264fd9ccfc2a87cf0c367d4c9b1c (patch)
tree7d31289320619fc5629d67f0238777755808fc52 /usr.bin/signify/signify.c
parent63299cfd7b1199287f561c8b0d60da94719bb4ba (diff)
we only write to writable files, so use O_WRONLY.
st_size is only meaningful for regular files, so check S_ISREG
Diffstat (limited to 'usr.bin/signify/signify.c')
-rw-r--r--usr.bin/signify/signify.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/usr.bin/signify/signify.c b/usr.bin/signify/signify.c
index 03d38865293..15bd6dcd4f8 100644
--- a/usr.bin/signify/signify.c
+++ b/usr.bin/signify/signify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: signify.c,v 1.29 2014/01/11 04:29:07 lteo Exp $ */
+/* $OpenBSD: signify.c,v 1.30 2014/01/12 21:18:52 tedu Exp $ */
/*
* Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
*
@@ -170,6 +170,8 @@ readmsg(const char *filename, unsigned long long *msglenp)
fd = xopen(filename, O_RDONLY | O_NOFOLLOW, 0);
if (fstat(fd, &sb) == -1)
err(1, "fstat on %s", filename);
+ if (!S_ISREG(sb.st_mode))
+ errx(1, "%s must be a regular file", filename);
msglen = sb.st_size;
if (msglen > (1UL << 30))
errx(1, "msg too large in %s", filename);
@@ -200,7 +202,7 @@ appendall(const char *filename, const void *buf, size_t len)
{
int fd;
- fd = xopen(filename, O_NOFOLLOW | O_RDWR | O_APPEND, 0);
+ fd = xopen(filename, O_NOFOLLOW | O_WRONLY | O_APPEND, 0);
writeall(fd, buf, len, filename);
close(fd);
}
@@ -213,7 +215,7 @@ writeb64file(const char *filename, const char *comment, const void *buf,
char b64[1024];
int fd, rv;
- fd = xopen(filename, O_CREAT|flags|O_NOFOLLOW|O_RDWR, mode);
+ fd = xopen(filename, O_CREAT|flags|O_NOFOLLOW|O_WRONLY, mode);
snprintf(header, sizeof(header), "%s%s\n", COMMENTHDR,
comment);
writeall(fd, header, strlen(header), filename);
@@ -421,7 +423,7 @@ verify(const char *pubkeyfile, const char *msgfile, const char *sigfile,
verifymsg(pubkey.pubkey, msg, msglen, sig.sig);
if (embedded) {
- fd = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_RDWR, 0666);
+ fd = xopen(msgfile, O_CREAT|O_TRUNC|O_NOFOLLOW|O_WRONLY, 0666);
writeall(fd, msg, msglen, msgfile);
close(fd);
}