diff options
| author | jilles <jilles@FreeBSD.org> | 2013-02-10 18:56:37 +0000 |
|---|---|---|
| committer | jilles <jilles@FreeBSD.org> | 2013-02-10 18:56:37 +0000 |
| commit | dd4e5033b17d432b375c82b8ef1513099374601e (patch) | |
| tree | adc7ca38faa1e3706d9bbcff438bf7d15b430846 | |
| parent | 600c4a5591d88f52a57e117b862b4c6d6c397f06 (diff) | |
| download | FreeBSD-src-dd4e5033b17d432b375c82b8ef1513099374601e.zip FreeBSD-src-dd4e5033b17d432b375c82b8ef1513099374601e.tar.gz | |
find: Run when cwd cannot be opened, except with -execdir or -delete.
fts(3) can run (albeit more slowly and imposing the {PATH_MAX} limit) when
the current directory cannot be opened. Therefore, do not make a failure to
open the current directory (for returning to it later in -exec) fatal.
If -execdir or -delete are used, the expectation is that fts(3) will use
chdir to avoid race conditions (except for -execdir with -L). Do not break
this expectation any more than it already is by still failing if the current
directory cannot be opened.
| -rw-r--r-- | usr.bin/find/function.c | 16 | ||||
| -rw-r--r-- | usr.bin/find/main.c | 2 |
2 files changed, 16 insertions, 2 deletions
diff --git a/usr.bin/find/function.c b/usr.bin/find/function.c index 4f2eba7..cad6eb1 100644 --- a/usr.bin/find/function.c +++ b/usr.bin/find/function.c @@ -472,6 +472,14 @@ c_delete(OPTION *option, char ***argvp __unused) isoutput = 1; /* possible output */ isdepth = 1; /* -depth implied */ + /* + * Try to avoid the confusing error message about relative paths + * being potentially not safe. + */ + if (ftsoptions & FTS_NOCHDIR) + errx(1, "%s: forbidden when the current directory cannot be opened", + "-delete"); + return palloc(option); } @@ -644,7 +652,8 @@ doexec: if ((plan->flags & F_NEEDOK) && !queryuser(plan->e_argv)) /* NOTREACHED */ case 0: /* change dir back from where we started */ - if (!(plan->flags & F_EXECDIR) && fchdir(dotfd)) { + if (!(plan->flags & F_EXECDIR) && + !(ftsoptions & FTS_NOCHDIR) && fchdir(dotfd)) { warn("chdir"); _exit(1); } @@ -677,6 +686,11 @@ c_exec(OPTION *option, char ***argvp) int cnt, i; char **argv, **ap, **ep, *p; + /* This would defeat -execdir's intended security. */ + if (option->flags & F_EXECDIR && ftsoptions & FTS_NOCHDIR) + errx(1, "%s: forbidden when the current directory cannot be opened", + "-execdir"); + /* XXX - was in c_execdir, but seems unnecessary!? ftsoptions &= ~FTS_NOSTAT; */ diff --git a/usr.bin/find/main.c b/usr.bin/find/main.c index 6284413..3a0377f 100644 --- a/usr.bin/find/main.c +++ b/usr.bin/find/main.c @@ -152,7 +152,7 @@ main(int argc, char *argv[]) *p = NULL; if ((dotfd = open(".", O_RDONLY | O_CLOEXEC, 0)) < 0) - err(1, "."); + ftsoptions |= FTS_NOCHDIR; exit(find_execute(find_formplan(argv), start)); } |
