[PATCH nft 2/2] libnftables: skip useable checks for /dev/stdin


 



/dev/stdin is a placeholder, read() from STDIN_FILENO is used to fetch
the standard input into a buffer.

Since 5c2b2b0a2ba7 ("src: error reporting with -f and read from stdin")
stdin is stored in a buffer to fix error reporting.

Fixes: 149b1c95d129 ("libnftables: refuse to open onput files other than named pipes or regular files")
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 src/libnftables.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/libnftables.c b/src/libnftables.c
index af4734c05004..4676b30a04b1 100644
--- a/src/libnftables.c
+++ b/src/libnftables.c
@@ -664,6 +664,7 @@ retry:
 
 /* need to use stat() to, fopen() will block for named fifos and
  * libjansson makes no checks before or after open either.
+ * /dev/stdin is *never* used, read() from STDIN_FILENO is used instead.
  */
 static struct error_record *filename_is_useable(struct nft_ctx *nft, const char *name)
 {
@@ -671,6 +672,9 @@ static struct error_record *filename_is_useable(struct nft_ctx *nft, const char
 	struct stat sb;
 	int err;
 
+	if (!strcmp(name, "/dev/stdin"))
+		return NULL;
+
 	err = stat(name, &sb);
 	if (err)
 		return error(&internal_location, "Could not open file \"%s\": %s\n",
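Review bot: The early `return NULL` for `"/dev/stdin"` at the top of filename_is_useable() is safe only if every consumer of this name substitutes the buffered STDIN_FILENO data and never opens the path, and nothing in this hunk enforces that. The comment above the function mentions libjansson, so it is worth confirming that the JSON input path also treats `/dev/stdin` as a placeholder; if it opens the name itself, a character device would now be reached without the stat() type check. The comparison matches the literal spelling only, so aliases such as `/dev/fd/0` still go through stat() and are rejected as before, which looks intended but is not stated. The function body starts and ends outside this hunk.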
@@ -681,9 +685,6 @@ static struct error_record *filename_is_useable(struct nft_ctx *nft, const char
 	if (type == S_IFREG || type == S_IFIFO)
 		return NULL;
 
-	if (type == S_IFCHR && 0 == strcmp(name, "/dev/stdin"))
-		return NULL;
-
 	return error(&internal_location, "Not a regular file: \"%s\"\n", name);
 }
 
-- 
2.30.2




