From 356c289c25884fd6b060f0636c48aafeeb974ab6 Mon Sep 17 00:00:00 2001 From: ngie Date: Tue, 16 Sep 2014 00:56:47 +0000 Subject: [PATCH] Validate the mode argument in access, eaccess, and faccessat for optional POSIX compliance and to improve compatibility with Linux and NetBSD The issue was identified with lib/libc/sys/t_access:access_inval from NetBSD Update the manpage accordingly PR: 181155 Reviewed by: jilles (code), jmmv (code), wblock (manpage), wollman (code) MFC after: 4 weeks Phabric: D678 (code), D786 (manpage) Sponsored by: EMC / Isilon Storage Division --- lib/libc/sys/access.2 | 10 +++++++++- sys/kern/vfs_syscalls.c | 3 +++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/lib/libc/sys/access.2 b/lib/libc/sys/access.2 index 65b8fb6bfbb1..edc6194756cc 100644 --- a/lib/libc/sys/access.2 +++ b/lib/libc/sys/access.2 @@ -133,8 +133,16 @@ and .Sh RETURN VALUES .Rv -std .Sh ERRORS -Access to the file is denied if: +.Fn access , +.Fn eaccess , +or +.Fn faccessat +will fail if: .Bl -tag -width Er +.It Bq Er EINVAL +The value of the +.Fa mode +argument is invalid. .It Bq Er ENOTDIR A component of the path prefix is not a directory. .It Bq Er ENAMETOOLONG diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 1406e0f8bc5f..b3b7ed5defd9 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -2055,6 +2055,9 @@ kern_accessat(struct thread *td, int fd, char *path, enum uio_seg pathseg, cap_rights_t rights; int error; + if (amode != F_OK && (amode & ~(R_OK | W_OK | X_OK)) != 0) + return (EINVAL); + /* * Create and modify a temporary credential instead of one that * is potentially shared.