From 042b3ee452f542e0e16d847f90777e8c3a012375 Mon Sep 17 00:00:00 2001 From: Rich Felker Date: Thu, 7 Feb 2019 12:51:02 -0500 Subject: [PATCH] fail fdopendir for O_PATH file descriptors fdopendir is specified to fail with EBADF if the file descriptor passed is not open for reading. while O_PATH is an extension and arguably exempt from this requirement, it's used, albeit incompletely, to implement O_SEARCH, and fdopendir should fail when passed an O_SEARCH file descriptor. the new check is performed after fstat so that we don't have to consider the possibility that the fd is invalid. an alternate solution would be attempting to pre-fill the buffer using getdents, which would fail with EBADF for us, but that seems more complex and error-prone and involves either code duplication or refactoring, so the simple fix with an additional inexpensive syscall is what I've made for now. --- src/dirent/fdopendir.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/dirent/fdopendir.c b/src/dirent/fdopendir.c index c377271d..d78fb87f 100644 --- a/src/dirent/fdopendir.c +++ b/src/dirent/fdopendir.c @@ -13,6 +13,10 @@ DIR *fdopendir(int fd) if (fstat(fd, &st) < 0) { return 0; } + if (fcntl(fd, F_GETFL) & O_PATH) { + errno = EBADF; + return 0; + } if (!S_ISDIR(st.st_mode)) { errno = ENOTDIR; return 0; -- 2.25.1