* [gentoo-commits] proj/sandbox:master commit in: libsandbox/, libsbutil/src/, libsandbox/wrapper-funcs/
@ 2021-11-05 10:25 Mike Frysinger
0 siblings, 0 replies; only message in thread
From: Mike Frysinger @ 2021-11-05 10:25 UTC (permalink / raw
To: gentoo-commits
commit: 382f70b8d93d012648edc7a42087a6d4d5a103eb
Author: Mike Frysinger <vapier <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 5 10:23:34 2021 +0000
Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org>
CommitDate: Fri Nov 5 10:23:34 2021 +0000
URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=382f70b8
libsandbox/libsbutil: use faccessat for file-existence tests
This is faster than using stat since it doesn't have to gather all
the metadata, and should avoid LFS issues as a result.
Bug: https://bugs.gentoo.org/583282
Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>
libsandbox/pre_check_openat.c | 15 +++------------
libsandbox/wrapper-funcs/fopen_pre_check.c | 3 +--
libsbutil/src/file.c | 14 +-------------
3 files changed, 5 insertions(+), 27 deletions(-)
diff --git a/libsandbox/pre_check_openat.c b/libsandbox/pre_check_openat.c
index 8cf8133..8fd3b23 100644
--- a/libsandbox/pre_check_openat.c
+++ b/libsandbox/pre_check_openat.c
@@ -12,24 +12,15 @@
bool sb_openat_pre_check(const char *func, const char *pathname, int dirfd, int flags)
{
- /* If we're not trying to create, fail normally if
- * file does not stat
- */
+ /* If we're not trying to create, fail normally if file does not stat */
if (flags & O_CREAT)
return true;
save_errno();
- /* Check incoming args against common *at issues */
- char dirfd_path[SB_PATH_MAX];
- if (!sb_common_at_pre_check(func, &pathname, dirfd, dirfd_path, sizeof(dirfd_path)))
- return false;
-
/* Doesn't exist -> skip permission checks */
- struct stat st;
- if (((flags & O_NOFOLLOW) ? lstat(pathname, &st) : stat(pathname, &st)) == -1) {
- sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
- func, pathname, strerror(errno));
+ if (faccessat(dirfd, pathname, F_OK, (flags & O_NOFOLLOW) ? AT_SYMLINK_NOFOLLOW : 0) == -1) {
+ sb_debug_dyn("EARLY FAIL: %s(%s): %s\n", func, pathname, strerror(errno));
return false;
}
diff --git a/libsandbox/wrapper-funcs/fopen_pre_check.c b/libsandbox/wrapper-funcs/fopen_pre_check.c
index 765526e..95108e0 100644
--- a/libsandbox/wrapper-funcs/fopen_pre_check.c
+++ b/libsandbox/wrapper-funcs/fopen_pre_check.c
@@ -11,8 +11,7 @@ bool sb_fopen_pre_check(const char *func, const char *pathname, const char *mode
save_errno();
/* If we're trying to read, fail normally if file does not stat */
- struct stat st;
- if (-1 == stat(pathname, &st)) {
+ if (faccessat(AT_FDCWD, pathname, F_OK, 0) == -1) {
sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
func, pathname, strerror(errno));
return false;
diff --git a/libsbutil/src/file.c b/libsbutil/src/file.c
index 4542ae5..a1a4a0e 100644
--- a/libsbutil/src/file.c
+++ b/libsbutil/src/file.c
@@ -15,19 +15,7 @@
bool
rc_file_exists (const char *pathname)
{
- struct stat buf;
- int retval;
-
- if (!check_str (pathname))
- return false;
-
- retval = lstat (pathname, &buf);
- if (-1 != retval)
- retval = true;
- else
- retval = false;
-
- return retval;
+ return faccessat(AT_FDCWD, pathname, F_OK, AT_SYMLINK_NOFOLLOW) == 0;
}
bool
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2021-11-05 10:25 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-11-05 10:25 [gentoo-commits] proj/sandbox:master commit in: libsandbox/, libsbutil/src/, libsandbox/wrapper-funcs/ Mike Frysinger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox