summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSander Vrijders <sander.vrijders@intec.ugent.be>2016-07-03 16:30:19 +0200
committerSander Vrijders <sander.vrijders@intec.ugent.be>2016-07-03 16:30:19 +0200
commitaca5db11a73e66377b8566e69c1baabb1df803ab (patch)
treed1333083d2d2302b3159b91ec3f204ccbd95f8bc
parent597456c934bf0f9ec475ac89eaaf67e9a0c58c0e (diff)
parent8cb2f2fe999476b55358e3cfbdcbcbb3cf75f2cb (diff)
downloadouroboros-aca5db11a73e66377b8566e69c1baabb1df803ab.tar.gz
ouroboros-aca5db11a73e66377b8566e69c1baabb1df803ab.zip
Merged in dstaesse/ouroboros/be-bind-secure (pull request #151)
tools, irm: move binary check to library
-rw-r--r--src/lib/irm.c8
-rw-r--r--src/tools/irm/irm_bind.c16
2 files changed, 17 insertions, 7 deletions
diff --git a/src/lib/irm.c b/src/lib/irm.c
index 6b296258..93963eb1 100644
--- a/src/lib/irm.c
+++ b/src/lib/irm.c
@@ -29,6 +29,7 @@
#include <ouroboros/sockets.h>
#include <stdlib.h>
+#include <sys/stat.h>
pid_t irm_create_ipcp(char * name,
enum ipcp_type ipcp_type)
@@ -246,10 +247,17 @@ int irm_bind(char * name,
irm_msg_t msg = IRM_MSG__INIT;
irm_msg_t * recv_msg = NULL;
int ret = -1;
+ struct stat s;
if (name == NULL || ap_name == NULL)
return -EINVAL;
+ if (stat(ap_name, &s) != 0)
+ return -ENOENT;
+
+ if (!(s.st_mode & S_IXUSR))
+ return -EPERM;
+
msg.code = IRM_MSG_CODE__IRM_BIND;
msg.dst_name = name;
msg.ap_name = ap_name;
diff --git a/src/tools/irm/irm_bind.c b/src/tools/irm/irm_bind.c
index 92ebdd8a..45da6e4c 100644
--- a/src/tools/irm/irm_bind.c
+++ b/src/tools/irm/irm_bind.c
@@ -22,7 +22,7 @@
#include <stdio.h>
#include <string.h>
-#include <sys/stat.h>
+#include <errno.h>
#include <ouroboros/irm.h>
@@ -45,7 +45,7 @@ int do_bind(int argc, char ** argv)
char * name = NULL;
char * ap_name = NULL;
uint16_t flags = 0;
- struct stat s;
+ int ret = 0;
while (argc > 0) {
if (matches(*argv, "name") == 0) {
@@ -79,15 +79,17 @@ int do_bind(int argc, char ** argv)
return -1;
}
- if (stat(ap_name, &s) != 0) {
- printf("Application %s does not exist.\n", ap_name);
+ ret = irm_bind(name, ap_name, flags, argc, argv);
+ if (ret == -ENOENT) {
+ printf("%s does not exist.\n", ap_name);
return -1;
}
- if (!(s.st_mode & S_IXUSR)) {
- printf("Application %s is not executable.\n", ap_name);
+ if (ret == -EPERM) {
+ printf("Cannot execute %s, please check permissions.\n",
+ ap_name);
return -1;
}
- return irm_bind(name, ap_name, flags, argc, argv);
+ return ret;
}