X-Git-Url: https://code.delx.au/pulseaudio/blobdiff_plain/f1af7a02d12b29a63b5015aaef7f162b3fc7acb4..8534149fbe87c63a5af85f5610c0f62b45500d90:/src/pulsecore/core-util.c diff --git a/src/pulsecore/core-util.c b/src/pulsecore/core-util.c index 323c98d2..4e7d0d71 100644 --- a/src/pulsecore/core-util.c +++ b/src/pulsecore/core-util.c @@ -199,7 +199,7 @@ void pa_make_fd_cloexec(int fd) { /** Creates a directory securely */ int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) { struct stat st; - int r, saved_errno; + int r, saved_errno, fd; pa_assert(dir); @@ -217,16 +217,45 @@ int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) { if (r < 0 && errno != EEXIST) return -1; -#ifdef HAVE_CHOWN +#ifdef HAVE_FSTAT + if ((fd = open(dir, +#ifdef O_CLOEXEC + O_CLOEXEC| +#endif +#ifdef O_NOCTTY + O_NOCTTY| +#endif +#ifdef O_NOFOLLOW + O_NOFOLLOW| +#endif + O_RDONLY)) < 0) + goto fail; + + if (fstat(fd, &st) < 0) { + pa_assert_se(pa_close(fd) >= 0); + goto fail; + } + + if (!S_ISDIR(st.st_mode)) { + pa_assert_se(pa_close(fd) >= 0); + errno = EEXIST; + goto fail; + } + +#ifdef HAVE_FCHOWN if (uid == (uid_t)-1) uid = getuid(); if (gid == (gid_t)-1) gid = getgid(); - (void) chown(dir, uid, gid); + (void) fchown(fd, uid, gid); +#endif + +#ifdef HAVE_FCHMOD + (void) fchmod(fd, m); #endif -#ifdef HAVE_CHMOD - chmod(dir, m); + pa_assert_se(pa_close(fd) >= 0); + #endif #ifdef HAVE_LSTAT @@ -651,7 +680,7 @@ int pa_make_realtime(int rtprio) { } for (p = rtprio-1; p >= 1; p--) - if (set_scheduler(p)) { + if (set_scheduler(p) >= 0) { pa_log_info("Successfully enabled SCHED_RR scheduling for thread, with priority %i, which is lower than the requested %i.", p, rtprio); return 0; } @@ -721,7 +750,7 @@ int pa_raise_priority(int nice_level) { } for (n = nice_level+1; n < 0; n++) - if (set_nice(n) > 0) { + if (set_nice(n) >= 0) { pa_log_info("Successfully acquired nice level %i, which is lower than the requested %i.", n, nice_level); return 0; }