diff options
| -rw-r--r-- | sbin/pfctl/pfctl.c | 26 | ||||
| -rw-r--r-- | sbin/pfctl/pfctl.h | 3 | ||||
| -rw-r--r-- | sbin/pfctl/pfctl_osfp.c | 6 | ||||
| -rw-r--r-- | sbin/pfctl/pfctl_radix.c | 4 | ||||
| -rw-r--r-- | usr.sbin/authpf/authpf.c | 8 |
5 files changed, 38 insertions, 9 deletions
diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index e13e1f44bfc..d2d127bf60d 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl.c,v 1.213 2004/03/20 09:31:42 david Exp $ */ +/* $OpenBSD: pfctl.c,v 1.214 2004/04/09 12:42:06 cedric Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -34,6 +34,7 @@ #include <sys/types.h> #include <sys/ioctl.h> #include <sys/socket.h> +#include <sys/stat.h> #include <net/if.h> #include <netinet/in.h> @@ -1061,7 +1062,7 @@ pfctl_rules(int dev, char *filename, int opts, char *anchorname, fin = stdin; infile = "stdin"; } else { - if ((fin = fopen(filename, "r")) == NULL) { + if ((fin = pfctl_fopen(filename, "r")) == NULL) { warn("%s", filename); return (1); } @@ -1150,6 +1151,27 @@ _error: #undef ERRX } +FILE * +pfctl_fopen(const char *name, const char *mode) +{ + struct stat st; + FILE *fp; + + fp = fopen(name, mode); + if (fp == NULL) + return (NULL); + if (fstat(fileno(fp), &st)) { + fclose(fp); + return (NULL); + } + if (S_ISDIR(st.st_mode)) { + fclose(fp); + errno = EISDIR; + return (NULL); + } + return (fp); +} + int pfctl_set_limit(struct pfctl *pf, const char *opt, unsigned int limit) { diff --git a/sbin/pfctl/pfctl.h b/sbin/pfctl/pfctl.h index dd39abab319..998fd2b5cb5 100644 --- a/sbin/pfctl/pfctl.h +++ b/sbin/pfctl/pfctl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl.h,v 1.33 2004/02/19 21:37:01 cedric Exp $ */ +/* $OpenBSD: pfctl.h,v 1.34 2004/04/09 12:42:06 cedric Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -86,6 +86,7 @@ int pfctl_command_tables(int, char *[], char *, const char *, char *, int pfctl_show_altq(int, const char *, int, int); void warn_namespace_collision(const char *); int pfctl_show_ifaces(const char *, int); +FILE *pfctl_fopen(const char *, const char *); #ifndef DEFAULT_PRIORITY #define DEFAULT_PRIORITY 1 diff --git a/sbin/pfctl/pfctl_osfp.c b/sbin/pfctl/pfctl_osfp.c index 6d1fb990257..9276274dce8 100644 --- a/sbin/pfctl/pfctl_osfp.c +++ b/sbin/pfctl/pfctl_osfp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_osfp.c,v 1.8 2004/02/27 10:42:00 henning Exp $ */ +/* $OpenBSD: pfctl_osfp.c,v 1.9 2004/04/09 12:42:06 cedric Exp $ */ /* * Copyright (c) 2003 Mike Frantzen <frantzen@openbsd.org> @@ -97,8 +97,8 @@ pfctl_file_fingerprints(int dev, int opts, const char *fp_filename) pfctl_flush_my_fingerprints(&classes); - if ((in = fopen(fp_filename, "r")) == NULL) { - warn("fopen(%s)", fp_filename); + if ((in = pfctl_fopen(fp_filename, "r")) == NULL) { + warn("%s", fp_filename); return (1); } class = version = subtype = desc = tcpopts = NULL; diff --git a/sbin/pfctl/pfctl_radix.c b/sbin/pfctl/pfctl_radix.c index 04fb4872ef6..c08496bf8b8 100644 --- a/sbin/pfctl/pfctl_radix.c +++ b/sbin/pfctl/pfctl_radix.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfctl_radix.c,v 1.24 2004/02/10 18:29:30 henning Exp $ */ +/* $OpenBSD: pfctl_radix.c,v 1.25 2004/04/09 12:42:06 cedric Exp $ */ /* * Copyright (c) 2002 Cedric Berger @@ -605,7 +605,7 @@ pfr_buf_load(struct pfr_buffer *b, char *file, int nonetwork, if (!strcmp(file, "-")) fp = stdin; else { - fp = fopen(file, "r"); + fp = pfctl_fopen(file, "r"); if (fp == NULL) return (-1); } diff --git a/usr.sbin/authpf/authpf.c b/usr.sbin/authpf/authpf.c index 515cf8edea2..2c431cc51ba 100644 --- a/usr.sbin/authpf/authpf.c +++ b/usr.sbin/authpf/authpf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authpf.c,v 1.75 2004/01/29 01:55:10 deraadt Exp $ */ +/* $OpenBSD: authpf.c,v 1.76 2004/04/09 12:42:06 cedric Exp $ */ /* * Copyright (C) 1998 - 2002 Bob Beck (beck@openbsd.org). @@ -909,3 +909,9 @@ void pfctl_print_title(char *title) { } + +FILE * +pfctl_fopen(const char *name, const char *mode) +{ + return fopen(name, mode); +} |