about summary refs log tree commit diff
path: root/src/dirent/fdopendir.c
diff options
context:
space:
mode:
authorRich Felker <dalias@aerifal.cx>2019-02-07 12:51:02 -0500
committerRich Felker <dalias@aerifal.cx>2019-02-07 12:51:02 -0500
commit042b3ee452f542e0e16d847f90777e8c3a012375 (patch)
tree906be6630f8838a9c3fd1b10beb31f01cc712cb9 /src/dirent/fdopendir.c
parent1dd915c37090b32a6220488f99ce0f9be86eb46d (diff)
downloadmusl-042b3ee452f542e0e16d847f90777e8c3a012375.tar.gz
musl-042b3ee452f542e0e16d847f90777e8c3a012375.tar.xz
musl-042b3ee452f542e0e16d847f90777e8c3a012375.zip
fail fdopendir for O_PATH file descriptors
fdopendir is specified to fail with EBADF if the file descriptor
passed is not open for reading. while O_PATH is an extension and
arguably exempt from this requirement, it's used, albeit incompletely,
to implement O_SEARCH, and fdopendir should fail when passed an
O_SEARCH file descriptor.

the new check is performed after fstat so that we don't have to
consider the possibility that the fd is invalid.

an alternate solution would be attempting to pre-fill the buffer using
getdents, which would fail with EBADF for us, but that seems more
complex and error-prone and involves either code duplication or
refactoring, so the simple fix with an additional inexpensive syscall
is what I've made for now.
Diffstat (limited to 'src/dirent/fdopendir.c')
-rw-r--r--src/dirent/fdopendir.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/dirent/fdopendir.c b/src/dirent/fdopendir.c
index c377271d..d78fb87f 100644
--- a/src/dirent/fdopendir.c
+++ b/src/dirent/fdopendir.c
@@ -13,6 +13,10 @@ DIR *fdopendir(int fd)
 	if (fstat(fd, &st) < 0) {
 		return 0;
 	}
+	if (fcntl(fd, F_GETFL) & O_PATH) {
+		errno = EBADF;
+		return 0;
+	}
 	if (!S_ISDIR(st.st_mode)) {
 		errno = ENOTDIR;
 		return 0;