merge

author: cinap_lenrek <cinap_lenrek@felloff.net> 2020-12-07 16:48:19 +0100
committer: cinap_lenrek <cinap_lenrek@felloff.net> 2020-12-07 16:48:19 +0100
commit: d5928fb515f73ab0d530799654738dedcbfb6279 (patch)
tree: c82b9a82eb281fd7bda323e9e33adf92c66ac4db
parent: 6c29cf79f073c71b1e0db1a9f713c52803ba32f7 (diff)
parent: f7e21d7692e619e9a926f29f2d59906c0d7ef072 (diff)
download: plan9front-d5928fb515f73ab0d530799654738dedcbfb6279.tar.xz
11 files changed, 32 insertions, 30 deletions
diff --git a/sys/src/libauth/auth_challenge.c b/sys/src/libauth/auth_challenge.c
index 5ab0ee6a1..63f670b4c 100644
--- a/sys/src/libauth/auth_challenge.c
+++ b/sys/src/libauth/auth_challenge.c
@@ -23,7 +23,7 @@ auth_challenge(char *fmt, ...)
 		return nil;
 	}
 
-	if((c->afd = open("/mnt/factotum/rpc", ORDWR)) < 0){
+	if((c->afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC)) < 0){
 	Error:
 		auth_freechal(c);
 		free(p);
diff --git a/sys/src/libauth/auth_chuid.c b/sys/src/libauth/auth_chuid.c
index 300e93f67..6b3819e86 100644
--- a/sys/src/libauth/auth_chuid.c
+++ b/sys/src/libauth/auth_chuid.c
@@ -16,7 +16,7 @@ auth_chuid(AuthInfo *ai, char *ns)
 	}
 
 	/* change uid */
-	fd = open("#¤/capuse", OWRITE);
+	fd = open("#¤/capuse", OWRITE|OCEXEC);
 	if(fd < 0){
 		werrstr("opening #¤/capuse: %r");
 		return -1;
@@ -29,10 +29,10 @@ auth_chuid(AuthInfo *ai, char *ns)
 	}
 
 	/* get a link to factotum as new user */
-	fd = open("/srv/factotum", ORDWR);
+	fd = open("/srv/factotum", ORDWR|OCEXEC);
 	if(fd >= 0){
-		mount(fd, -1, "/mnt", MREPL, "");
-		close(fd);
+		if(mount(fd, -1, "/mnt", MREPL, "") == -1)
+			close(fd);
 	}
 
 	/* set up new namespace */
diff --git a/sys/src/libauth/auth_getuserpasswd.c b/sys/src/libauth/auth_getuserpasswd.c
index 4d66dcecb..831ee3300 100644
--- a/sys/src/libauth/auth_getuserpasswd.c
+++ b/sys/src/libauth/auth_getuserpasswd.c
@@ -32,12 +32,11 @@ auth_getuserpasswd(AuthGetkey *getkey, char *fmt, ...)
 	UserPasswd *up;
 
 	up = nil;
-	rpc = nil;
 	params = nil;
 
-	fd = open("/mnt/factotum/rpc", ORDWR);
+	fd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);
 	if(fd < 0)
-		goto out;
+		return nil;
 	rpc = auth_allocrpc(fd);
 	if(rpc == nil)
 		goto out;
@@ -69,7 +68,7 @@ auth_getuserpasswd(AuthGetkey *getkey, char *fmt, ...)
 
 out:
 	free(params);
-	auth_freerpc(rpc);
 	close(fd);
+	auth_freerpc(rpc);
 	return up;
 }
diff --git a/sys/src/libauth/auth_proxy.c b/sys/src/libauth/auth_proxy.c
index 68987140a..3f9f03694 100644
--- a/sys/src/libauth/auth_proxy.c
+++ b/sys/src/libauth/auth_proxy.c
@@ -200,7 +200,7 @@ auth_proxy(int fd, AuthGetkey *getkey, char *fmt, ...)
 	va_end(arg);
 
 	ai = nil;
-	afd = open("/mnt/factotum/rpc", ORDWR);
+	afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);
 	if(afd < 0){
 		werrstr("opening /mnt/factotum/rpc: %r");
 		free(p);
diff --git a/sys/src/libauth/auth_respond.c b/sys/src/libauth/auth_respond.c
index cab4446e0..b5a362571 100644
--- a/sys/src/libauth/auth_respond.c
+++ b/sys/src/libauth/auth_respond.c
@@ -31,7 +31,7 @@ dorespond(void *chal, uint nchal, char *user, uint nuser, void *resp, uint nresp
 	AuthRpc *rpc;
 	Attr *a;
 
-	if((afd = open("/mnt/factotum/rpc", ORDWR)) < 0)
+	if((afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC)) < 0)
 		return -1;
 	
 	if((rpc = auth_allocrpc(afd)) == nil){
diff --git a/sys/src/libauth/auth_userpasswd.c b/sys/src/libauth/auth_userpasswd.c
index 62ed2c0da..df5b5834f 100644
--- a/sys/src/libauth/auth_userpasswd.c
+++ b/sys/src/libauth/auth_userpasswd.c
@@ -11,7 +11,7 @@ auth_userpasswd(char *user, char *passwd)
 	char *s;
 	int afd;
 
-	afd = open("/mnt/factotum/rpc", ORDWR);
+	afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);
 	if(afd < 0)
 		return nil;
 	ai = nil;
diff --git a/sys/src/libauth/newns.c b/sys/src/libauth/newns.c
index fd5d6cb59..91bf5f802 100644
--- a/sys/src/libauth/newns.c
+++ b/sys/src/libauth/newns.c
@@ -41,7 +41,7 @@ buildns(int newns, char *user, char *file)
 
 	rpc = nil;
 	/* try for factotum now because later is impossible */
-	afd = open("/mnt/factotum/rpc", ORDWR);
+	afd = open("/mnt/factotum/rpc", ORDWR|OCEXEC);
 	if(afd < 0 && newnsdebug)
 		fprint(2, "open /mnt/factotum/rpc: %r\n");
 	if(afd >= 0){
@@ -58,8 +58,8 @@ buildns(int newns, char *user, char *file)
 		}
 		file = "/lib/namespace";
 	}
-	b = Bopen(file, OREAD);
-	if(b == 0){
+	b = Bopen(file, OREAD|OCEXEC);
+	if(b == nil){
 		werrstr("can't open %s: %r", file);
 		return freecloserpc(rpc);
 	}
@@ -135,6 +135,8 @@ famount(int fd, AuthRpc *rpc, char *mntpt, int flags, char *aname)
 			auth_freeAI(ai);
 	}
 	ret = mount(fd, afd, mntpt, flags, aname);
+	if(ret == -1)
+		close(fd);
 	if(afd >= 0)
 		close(afd);
 	return ret;
@@ -151,7 +153,7 @@ nsop(char *fn, int argc, char *argv[], AuthRpc *rpc)
 
 	cdroot = 0;
 	flags = 0;
-	argv0 = 0;
+	argv0 = nil;
 	if(newnsdebug){
 		for (i = 0; i < argc; i++)
 			fprint(2, "%s ", argv[i]);
@@ -176,7 +178,7 @@ nsop(char *fn, int argc, char *argv[], AuthRpc *rpc)
 		flags |= MREPL;
 
 	if(strcmp(argv0, ".") == 0 && argc == 1){
-		b = Bopen(argv[0], OREAD);
+		b = Bopen(argv[0], OREAD|OCEXEC);
 		if(b == nil)
 			return 0;
 		cdroot |= nsfile(fn, b, rpc);
@@ -192,7 +194,7 @@ nsop(char *fn, int argc, char *argv[], AuthRpc *rpc)
 		else if(argc == 2)
 			unmount(argv[0], argv[1]);
 	}else if(strcmp(argv0, "mount") == 0){
-		fd = open(argv[0], ORDWR);
+		fd = open(argv[0], ORDWR|OCEXEC);
 		if(fd < 0){
 			if(newnsdebug)
 				fprint(2, "%s: mount: %s: %r\n", fn, argv[0]);
@@ -204,8 +206,9 @@ nsop(char *fn, int argc, char *argv[], AuthRpc *rpc)
 		}else if(argc == 3){
 			if(famount(fd, rpc, argv[1], flags, argv[2]) == -1 && newnsdebug)
 				fprint(2, "%s: mount: %s %s %s: %r\n", fn, argv[0], argv[1], argv[2]);
+		} else {
+			close(fd);
 		}
-		close(fd);
 	}else if(strcmp(argv0, "cd") == 0 && argc == 1){
 		if(chdir(argv[0]) == 0 && *argv[0] == '/')
 			cdroot = 1;
@@ -316,7 +319,7 @@ expandarg(char *arg, char *buf)
 		strcpy(env, "#e/");
 		strncpy(env+3, p, len);
 		env[3+len] = '\0';
-		fd = open(env, OREAD);
+		fd = open(env, OREAD|OCEXEC);
 		if(fd >= 0){
 			len = read(fd, &buf[n], ANAMELEN - 1);
 			/* some singleton environment variables have trailing NULs */
@@ -345,7 +348,7 @@ setenv(char *name, char *val)
 	long s;
 
 	sprint(ename, "#e/%s", name);
-	f = create(ename, OWRITE, 0664);
+	f = create(ename, OWRITE|OCEXEC, 0664);
 	if(f < 0)
 		return -1;
 	s = strlen(val);
diff --git a/sys/src/libauth/noworld.c b/sys/src/libauth/noworld.c
index c61b1463c..b8687f194 100644
--- a/sys/src/libauth/noworld.c
+++ b/sys/src/libauth/noworld.c
@@ -15,7 +15,7 @@ noworld(char *user)
 	char *p;
 	int n;
 
-	b = Bopen("/adm/users", OREAD);
+	b = Bopen("/adm/users", OREAD|OCEXEC);
 	if(b == nil)
 		return 0;
 	while((p = Brdline(b, '\n')) != nil){
diff --git a/sys/src/libauthsrv/readcons.c b/sys/src/libauthsrv/readcons.c
index 8a7a3af27..d9a9ead94 100644
--- a/sys/src/libauthsrv/readcons.c
+++ b/sys/src/libauthsrv/readcons.c
@@ -13,13 +13,13 @@ readcons(char *prompt, char *def, int raw)
 	s = p = nil;
 	fdout = ctl = -1;
 
-	if((fdin = open("/dev/cons", OREAD)) < 0)
+	if((fdin = open("/dev/cons", OREAD|OCEXEC)) < 0)
 		goto Out;
-	if((fdout = open("/dev/cons", OWRITE)) < 0)
+	if((fdout = open("/dev/cons", OWRITE|OCEXEC)) < 0)
 		goto Out;
 
 	if(raw){
-		if((ctl = open("/dev/consctl", OWRITE)) < 0)
+		if((ctl = open("/dev/consctl", OWRITE|OCEXEC)) < 0)
 			goto Out;
 		write(ctl, "rawon", 5);
 	}
diff --git a/sys/src/libauthsrv/readnvram.c b/sys/src/libauthsrv/readnvram.c
index 1a00835cf..e13641bd6 100644
--- a/sys/src/libauthsrv/readnvram.c
+++ b/sys/src/libauthsrv/readnvram.c
@@ -91,9 +91,9 @@ findnvram(Nvrwhere *locp)
 			v[0] = "";
 			v[1] = nil;
 		}
-		fd = open(v[0], ORDWR);
+		fd = open(v[0], ORDWR|OCEXEC);
 		if (fd < 0)
-			fd = open(v[0], OREAD);
+			fd = open(v[0], OREAD|OCEXEC);
 		safelen = sizeof(Nvrsafe);
 		if(strstr(v[0], "/9fat") == nil)
 			safeoff = 0;
@@ -120,7 +120,7 @@ findnvram(Nvrwhere *locp)
 		for(i=0; i<nelem(nvtab); i++){
 			if(strcmp(cputype, nvtab[i].cputype) != 0)
 				continue;
-			if((fd = open(nvtab[i].file, ORDWR)) < 0)
+			if((fd = open(nvtab[i].file, ORDWR|OCEXEC)) < 0)
 				continue;
 			safeoff = nvtab[i].off;
 			safelen = nvtab[i].len;
diff --git a/sys/src/libdraw/readcolmap.c b/sys/src/libdraw/readcolmap.c
index 6eb8ee26e..6d63dc46d 100644
--- a/sys/src/libdraw/readcolmap.c
+++ b/sys/src/libdraw/readcolmap.c
@@ -27,8 +27,8 @@ readcolmap(Display *d, RGB *colmap)
 	USED(screen);
 
 	sprint(buf, "/dev/draw/%d/colormap", d->dirno);
-	b = Bopen(buf, OREAD);
-	if(b == 0)
+	b = Bopen(buf, OREAD|OCEXEC);
+	if(b == nil)
 		drawerror(d, "rdcolmap: can't open colormap device");
 
 	for(;;) {
author	cinap_lenrek <cinap_lenrek@felloff.net>	2020-12-07 16:48:19 +0100
committer	cinap_lenrek <cinap_lenrek@felloff.net>	2020-12-07 16:48:19 +0100
commit	d5928fb515f73ab0d530799654738dedcbfb6279 (patch)
tree	c82b9a82eb281fd7bda323e9e33adf92c66ac4db
parent	6c29cf79f073c71b1e0db1a9f713c52803ba32f7 (diff)
parent	f7e21d7692e619e9a926f29f2d59906c0d7ef072 (diff)
download	plan9front-d5928fb515f73ab0d530799654738dedcbfb6279.tar.xz