1 /*
2 * Copyright (c) 2001, 2014, Oracle and/or its affiliates. All rights reserved.
3 * Copyright 2012, 2013 SAP AG. All rights reserved.
4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5 *
6 * This code is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 only, as
8 * published by the Free Software Foundation.
9 *
10 * This code is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
21 * or visit www.oracle.com if you need additional information or have any
22 * questions.
437 //
438 static DIR *open_directory_secure_cwd(const char* dirname, int *saved_cwd_fd) {
439
440 // Open the directory.
441 DIR* dirp = open_directory_secure(dirname);
442 if (dirp == NULL) {
443 // Directory doesn't exist or is insecure, so there is nothing to cleanup.
444 return dirp;
445 }
446 int fd = dirp->dd_fd;
447
448 // Open a fd to the cwd and save it off.
449 int result;
450 RESTARTABLE(::open(".", O_RDONLY), result);
451 if (result == OS_ERR) {
452 *saved_cwd_fd = -1;
453 } else {
454 *saved_cwd_fd = result;
455 }
456
457 // Set the current directory to dirname by using the fd of the directory.
458 result = fchdir(fd);
459
460 return dirp;
461 }
462
463 // Close the directory and restore the current working directory.
464 static void close_directory_secure_cwd(DIR* dirp, int saved_cwd_fd) {
465
466 int result;
467 // If we have a saved cwd change back to it and close the fd.
468 if (saved_cwd_fd != -1) {
469 result = fchdir(saved_cwd_fd);
470 ::close(saved_cwd_fd);
471 }
472
473 // Close the directory.
474 os::closedir(dirp);
475 }
476
477 // Check if the given file descriptor is considered a secure.
478 static bool is_file_secure(int fd, const char *filename) {
479
480 int result;
481 struct stat statbuf;
482
483 // Determine if the file is secure.
|
1 /*
2 * Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
3 * Copyright 2012, 2013 SAP AG. All rights reserved.
4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5 *
6 * This code is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 only, as
8 * published by the Free Software Foundation.
9 *
10 * This code is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * version 2 for more details (a copy is included in the LICENSE file that
14 * accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License version
17 * 2 along with this work; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
21 * or visit www.oracle.com if you need additional information or have any
22 * questions.
437 //
438 static DIR *open_directory_secure_cwd(const char* dirname, int *saved_cwd_fd) {
439
440 // Open the directory.
441 DIR* dirp = open_directory_secure(dirname);
442 if (dirp == NULL) {
443 // Directory doesn't exist or is insecure, so there is nothing to cleanup.
444 return dirp;
445 }
446 int fd = dirp->dd_fd;
447
448 // Open a fd to the cwd and save it off.
449 int result;
450 RESTARTABLE(::open(".", O_RDONLY), result);
451 if (result == OS_ERR) {
452 *saved_cwd_fd = -1;
453 } else {
454 *saved_cwd_fd = result;
455 }
456
457 // Set the current directory to dirname by using the fd of the directory and
458 // handle errors, otherwise shared memory files will be created in cwd.
459 result = fchdir(fd);
460 if (result == OS_ERR) {
461 if (PrintMiscellaneous && Verbose) {
462 warning("could not change to directory %s", dirname);
463 }
464 if (*saved_cwd_fd != -1) {
465 ::close(*saved_cwd_fd);
466 *saved_cwd_fd = -1;
467 }
468 // Close the directory.
469 os::closedir(dirp);
470 return NULL;
471 } else {
472 return dirp;
473 }
474 }
475
476 // Close the directory and restore the current working directory.
477 //
478 static void close_directory_secure_cwd(DIR* dirp, int saved_cwd_fd) {
479
480 int result;
481 // If we have a saved cwd change back to it and close the fd.
482 if (saved_cwd_fd != -1) {
483 result = fchdir(saved_cwd_fd);
484 ::close(saved_cwd_fd);
485 }
486
487 // Close the directory.
488 os::closedir(dirp);
489 }
490
491 // Check if the given file descriptor is considered a secure.
492 static bool is_file_secure(int fd, const char *filename) {
493
494 int result;
495 struct stat statbuf;
496
497 // Determine if the file is secure.
|