From: Richard Jones Date: Fri, 4 Jun 2010 10:55:54 +0000 (+0100) Subject: touch: Restrict touch to regular files only (RHBZ#582484). X-Git-Tag: 1.3.19~2 X-Git-Url: http://git.annexia.org/?a=commitdiff_plain;h=74958b0ad44df6ed703cd3009983d04ade3a8e93;p=libguestfs.git touch: Restrict touch to regular files only (RHBZ#582484). --- diff --git a/daemon/file.c b/daemon/file.c index 2594207..9824472 100644 --- a/daemon/file.c +++ b/daemon/file.c @@ -34,6 +34,26 @@ do_touch (const char *path) { int fd; int r; + struct stat buf; + + /* RHBZ#582484: Restrict touch to regular files. It's also OK + * here if the file does not exist, since we will create it. + */ + CHROOT_IN; + r = lstat (path, &buf); + CHROOT_OUT; + + if (r == -1) { + if (errno != ENOENT) { + reply_with_perror ("lstat: %s", path); + return -1; + } + } else { + if (! S_ISREG (buf.st_mode)) { + reply_with_error ("%s: touch can only be used on a regular files", path); + return -1; + } + } CHROOT_IN; fd = open (path, O_WRONLY | O_CREAT | O_NOCTTY, 0666); diff --git a/src/generator.ml b/src/generator.ml index ec6123a..c7dbdfc 100755 --- a/src/generator.ml +++ b/src/generator.ml @@ -992,7 +992,10 @@ closing the handle."); "\ Touch acts like the L command. It can be used to update the timestamps on a file, or, if the file does not exist, -to create a new zero-length file."); +to create a new zero-length file. + +This command only works on regular files, and will fail on other +file types such as directories, symbolic links, block special etc."); ("cat", (RString "content", [Pathname "path"]), 4, [ProtocolLimitWarning], [InitISOFS, Always, TestOutput (