libc: open internal file-descriptor with OCEXEC flag

author: cinap_lenrek <cinap_lenrek@felloff.net> 2020-12-07 14:24:51 +0100
committer: cinap_lenrek <cinap_lenrek@felloff.net> 2020-12-07 14:24:51 +0100
commit: f1e15da8f550b12196d57e245437251f6eb289b5 (patch)
tree: 056e930a518b6e4a5e993fcad133ba4bc9855a01
parent: 544bca0290df1dc512641a1ab23e184ccc2406b3 (diff)
download: plan9front-f1e15da8f550b12196d57e245437251f6eb289b5.tar.xz
16 files changed, 36 insertions, 38 deletions
diff --git a/sys/src/libc/9sys/access.c b/sys/src/libc/9sys/access.c
index c9fee3432..86e459955 100644
--- a/sys/src/libc/9sys/access.c
+++ b/sys/src/libc/9sys/access.c
@@ -24,7 +24,7 @@ access(char *name, int mode)
 			return 0;
 		return -1;
 	}
-	fd = open(name, omode[mode&7]);
+	fd = open(name, omode[mode&7]|OCEXEC);
 	if(fd >= 0){
 		close(fd);
 		return 0;
diff --git a/sys/src/libc/9sys/getenv.c b/sys/src/libc/9sys/getenv.c
index 9535708e7..e1c89c1d1 100644
--- a/sys/src/libc/9sys/getenv.c
+++ b/sys/src/libc/9sys/getenv.c
@@ -18,7 +18,8 @@ getenv(char *name)
 	snprint(s, HUNK, "/env/%s", name);
 	n = 0;
 	r = -1;
-	if((f = open(s, OREAD)) >= 0){
+	f = open(s, OREAD|OCEXEC);
+	if(f >= 0){
 		while((r = read(f, s+n, HUNK)) > 0){
 			n += r;
 			r = -1;
diff --git a/sys/src/libc/9sys/getnetconninfo.c b/sys/src/libc/9sys/getnetconninfo.c
index 8dbb95f89..e21dcc306 100644
--- a/sys/src/libc/9sys/getnetconninfo.c
+++ b/sys/src/libc/9sys/getnetconninfo.c
@@ -13,7 +13,7 @@ getendpoint(char *dir, char *file, char **sysp, char **servp)
 	sys = serv = 0;
 
 	snprint(buf, sizeof buf, "%s/%s", dir, file);
-	fd = open(buf, OREAD);
+	fd = open(buf, OREAD|OCEXEC);
 	if(fd >= 0){
 		n = read(fd, buf, sizeof(buf)-1);
 		if(n>0){
@@ -41,7 +41,6 @@ getnetconninfo(char *dir, int fd)
 	NetConnInfo *nci;
 	char *cp;
 	Dir *d;
-	char spec[10];
 	char path[128];
 	char netname[128], *p;
 
@@ -76,10 +75,8 @@ getnetconninfo(char *dir, int fd)
 
 	/* figure out bind spec */
 	d = dirstat(nci->dir);
-	if(d != nil){
-		sprint(spec, "#%C%d", d->type, d->dev);
-		nci->spec = strdup(spec);
-	}
+	if(d != nil)
+		nci->spec = smprint("#%C%d", d->type, d->dev);
 	if(nci->spec == nil)
 		nci->spec = unknown;
 	free(d);
diff --git a/sys/src/libc/9sys/getppid.c b/sys/src/libc/9sys/getppid.c
index b90b57ee5..87b878927 100644
--- a/sys/src/libc/9sys/getppid.c
+++ b/sys/src/libc/9sys/getppid.c
@@ -8,7 +8,7 @@ getppid(void)
 	int f;
 
 	memset(b, 0, sizeof(b));
-	f = open("/dev/ppid", 0);
+	f = open("/dev/ppid", OREAD|OCEXEC);
 	if(f >= 0) {
 		read(f, b, sizeof(b));
 		close(f);
diff --git a/sys/src/libc/9sys/getwd.c b/sys/src/libc/9sys/getwd.c
index ed73cb775..cef4b4796 100644
--- a/sys/src/libc/9sys/getwd.c
+++ b/sys/src/libc/9sys/getwd.c
@@ -1,14 +1,12 @@
 #include <u.h>
 #include <libc.h>
 
-static char *nsgetwd(char*, int);
-
 char*
 getwd(char *buf, int nbuf)
 {
 	int n, fd;
 
-	fd = open(".", OREAD);
+	fd = open(".", OREAD|OCEXEC);
 	if(fd < 0)
 		return nil;
 	n = fd2path(fd, buf, nbuf);
diff --git a/sys/src/libc/9sys/iounit.c b/sys/src/libc/9sys/iounit.c
index 194b17173..02ee77ee4 100644
--- a/sys/src/libc/9sys/iounit.c
+++ b/sys/src/libc/9sys/iounit.c
@@ -13,7 +13,7 @@ iounit(int fd)
 	char buf[128], *args[10];
 
 	snprint(buf, sizeof buf, "#d/%dctl", fd);
-	cfd = open(buf, OREAD);
+	cfd = open(buf, OREAD|OCEXEC);
 	if(cfd < 0)
 		return 0;
 	i = read(cfd, buf, sizeof buf-1);
diff --git a/sys/src/libc/9sys/postnote.c b/sys/src/libc/9sys/postnote.c
index 46564e9ea..12dc7a951 100644
--- a/sys/src/libc/9sys/postnote.c
+++ b/sys/src/libc/9sys/postnote.c
@@ -4,21 +4,21 @@
 int
 postnote(int group, int pid, char *note)
 {
-	char file[128];
+	char file[32];
 	int f, r;
 
 	switch(group) {
 	case PNPROC:
-		sprint(file, "/proc/%d/note", pid);
+		snprint(file, sizeof(file), "/proc/%lud/note", (ulong)pid);
 		break;
 	case PNGROUP:
-		sprint(file, "/proc/%d/notepg", pid);
+		snprint(file, sizeof(file), "/proc/%lud/notepg", (ulong)pid);
 		break;
 	default:
 		return -1;
 	}
 
-	f = open(file, OWRITE);
+	f = open(file, OWRITE|OCEXEC);
 	if(f < 0)
 		return -1;
 
diff --git a/sys/src/libc/9sys/procsetname.c b/sys/src/libc/9sys/procsetname.c
index 5a75b5147..7b9d41b8e 100644
--- a/sys/src/libc/9sys/procsetname.c
+++ b/sys/src/libc/9sys/procsetname.c
@@ -8,8 +8,9 @@ procsetname(char *fmt, ...)
 	char buf[128];
 	va_list arg;
 
-	snprint(buf, sizeof buf, "#p/%lud/args", (ulong)getpid());
-	if((fd = open(buf, OWRITE)) < 0)
+	snprint(buf, sizeof buf, "/proc/%lud/args", (ulong)getpid());
+	fd = open(buf, OWRITE|OCEXEC);
+	if(fd < 0)
 		return;
 	va_start(arg, fmt);
 	n = vsnprint(buf, sizeof buf, fmt, arg);
diff --git a/sys/src/libc/9sys/pushssl.c b/sys/src/libc/9sys/pushssl.c
index 8817dd1c3..29eee92a3 100644
--- a/sys/src/libc/9sys/pushssl.c
+++ b/sys/src/libc/9sys/pushssl.c
@@ -11,7 +11,7 @@ int
 pushssl(int fd, char *alg, char *secin, char *secout, int *cfd)
 {
 	char buf[8];
-	char dname[64];
+	char dname[32];
 	int n, data, ctl;
 
 	ctl = open("#D/ssl/clone", ORDWR);
@@ -21,7 +21,7 @@ pushssl(int fd, char *alg, char *secin, char *secout, int *cfd)
 	if(n < 0)
 		goto error;
 	buf[n] = 0;
-	sprint(dname, "#D/ssl/%s/data", buf);
+	snprint(dname, sizeof(dname), "#D/ssl/%s/data", buf);
 	data = open(dname, ORDWR);
 	if(data < 0)
 		goto error;
diff --git a/sys/src/libc/9sys/pushtls.c b/sys/src/libc/9sys/pushtls.c
index 345c6b030..07e6c35a4 100644
--- a/sys/src/libc/9sys/pushtls.c
+++ b/sys/src/libc/9sys/pushtls.c
@@ -42,14 +42,14 @@ int
 pushtls(int fd, char *hashalg, char *encalg, int isclient, char *secret, char *dir)
 {
 	char buf[8];
-	char dname[64];
+	char dname[32];
 	int n, data, ctl, hand;
 
 	// open a new filter; get ctl fd
 	data = hand = -1;
 	// /net/tls uses decimal file descriptors to name channels, hence a
 	// user-level file server can't stand in for #a; may as well hard-code it.
-	ctl = open("#a/tls/clone", ORDWR);
+	ctl = open("#a/tls/clone", ORDWR|OCEXEC);
 	if(ctl < 0)
 		goto error;
 	n = read(ctl, buf, sizeof(buf)-1);
@@ -60,14 +60,14 @@ pushtls(int fd, char *hashalg, char *encalg, int isclient, char *secret, char *d
 		sprint(dir, "#a/tls/%s", buf);
 
 	// get application fd
-	sprint(dname, "#a/tls/%s/data", buf);
+	snprint(dname, sizeof(dname), "#a/tls/%s/data", buf);
 	data = open(dname, ORDWR);
 	if(data < 0)
 		goto error;
 
 	// get handshake fd
-	sprint(dname, "#a/tls/%s/hand", buf);
-	hand = open(dname, ORDWR);
+	snprint(dname, sizeof(dname), "#a/tls/%s/hand", buf);
+	hand = open(dname, ORDWR|OCEXEC);
 	if(hand < 0)
 		goto error;
 
diff --git a/sys/src/libc/9sys/putenv.c b/sys/src/libc/9sys/putenv.c
index a99aaeb5f..034bbf0a7 100644
--- a/sys/src/libc/9sys/putenv.c
+++ b/sys/src/libc/9sys/putenv.c
@@ -13,7 +13,7 @@ putenv(char *name, char *val)
 		return -1;
 	}
 	snprint(ename, sizeof(ename), "/env/%s", name);
-	f = create(ename, OWRITE, 0664);
+	f = create(ename, OWRITE|OCEXEC, 0664);
 	if(f < 0)
 		return -1;
 	n = strlen(val);
diff --git a/sys/src/libc/9sys/sysname.c b/sys/src/libc/9sys/sysname.c
index 1854ddceb..6d8823643 100644
--- a/sys/src/libc/9sys/sysname.c
+++ b/sys/src/libc/9sys/sysname.c
@@ -10,7 +10,7 @@ sysname(void)
 	if(b[0])
 		return b;
 
-	f = open("#c/sysname", 0);
+	f = open("/dev/sysname", OREAD|OCEXEC);
 	if(f >= 0) {
 		n = read(f, b, sizeof(b)-1);
 		if(n > 0)
diff --git a/sys/src/libc/port/date.c b/sys/src/libc/port/date.c
index 7be6cb52f..805302432 100644
--- a/sys/src/libc/port/date.c
+++ b/sys/src/libc/port/date.c
@@ -174,11 +174,12 @@ loadzone(Tzone *tz, char *name)
 	else
 		snprint(path, sizeof(path), "/adm/timezone/%s", name);
 	memset(buf, 0, sizeof(buf));
-	if((f = open(path, 0)) == -1)
+	f = open(path, OREAD|OCEXEC);
+	if(f < 0)
 		return -1;
 	r = read(f, buf, sizeof(buf));
 	close(f);
-	if(r == sizeof(buf) || r == -1)
+	if(r < 0 || r >= sizeof(buf))
 		return -1;
 	buf[r] = 0;
 	p = buf;
diff --git a/sys/src/libc/port/getuser.c b/sys/src/libc/port/getuser.c
index a987244ee..ff3d2e2a1 100644
--- a/sys/src/libc/port/getuser.c
+++ b/sys/src/libc/port/getuser.c
@@ -8,7 +8,7 @@ getuser(void)
 	int fd;
 	int n;
 
-	fd = open("/dev/user", OREAD);
+	fd = open("/dev/user", OREAD|OCEXEC);
 	if(fd < 0)
 		return "none";
 	n = read(fd, user, (sizeof user)-1);
diff --git a/sys/src/libc/port/malloc.c b/sys/src/libc/port/malloc.c
index 907bfa8a6..d738cc4b9 100644
--- a/sys/src/libc/port/malloc.c
+++ b/sys/src/libc/port/malloc.c
@@ -99,13 +99,13 @@ checkenv(void)
 {
 	int n, fd;
 	char buf[20];
-	fd = open("/env/MALLOCFD", OREAD);
+	fd = open("/env/MALLOCFD", OREAD|OCEXEC);
 	if(fd < 0)
 		return -1;
-	if((n = read(fd, buf, sizeof buf)) < 0) {
-		close(fd);
+	n = read(fd, buf, sizeof buf);
+	close(fd);
+	if(n < 0)
 		return -1;
-	}
 	if(n >= sizeof buf)
 		n = sizeof(buf)-1;
 	buf[n] = 0;
diff --git a/sys/src/libc/port/profile.c b/sys/src/libc/port/profile.c
index 8a8cd41b3..2a81aebcf 100644
--- a/sys/src/libc/port/profile.c
+++ b/sys/src/libc/port/profile.c
@@ -137,7 +137,7 @@ _profdump(void)
 		snprint(filename, sizeof filename - 1, "prof.%ld", _tos->prof.pid);
 	else
 		snprint(filename, sizeof filename - 1, "prof.out");
-	f = create(filename, 1, 0666);
+	f = create(filename, OWRITE|OCEXEC, 0666);
 	if(f < 0) {
 		perror("create prof.out");
 		return;
@@ -245,7 +245,7 @@ _profmain(void)
 		khz = _tos->cyclefreq / 1000;	/* Report times in milliseconds */
 		havecycles = 1;
 	}
-	f = open("/env/profsize", OREAD);
+	f = open("/env/profsize", OREAD|OCEXEC);
 	if(f >= 0) {
 		memset(ename, 0, sizeof(ename));
 		read(f, ename, sizeof(ename)-1);
@@ -253,7 +253,7 @@ _profmain(void)
 		n = atol(ename);
 	}
 	_tos->prof.what = Profuser;
-	f = open("/env/proftype", OREAD);
+	f = open("/env/proftype", OREAD|OCEXEC);
 	if(f >= 0) {
 		memset(ename, 0, sizeof(ename));
 		read(f, ename, sizeof(ename)-1);
author	cinap_lenrek <cinap_lenrek@felloff.net>	2020-12-07 14:24:51 +0100
committer	cinap_lenrek <cinap_lenrek@felloff.net>	2020-12-07 14:24:51 +0100
commit	f1e15da8f550b12196d57e245437251f6eb289b5 (patch)
tree	056e930a518b6e4a5e993fcad133ba4bc9855a01
parent	544bca0290df1dc512641a1ab23e184ccc2406b3 (diff)
download	plan9front-f1e15da8f550b12196d57e245437251f6eb289b5.tar.xz