From patchwork Wed Apr 5 14:03:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arthur Cohen X-Patchwork-Id: 79702 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp358624vqo; Wed, 5 Apr 2023 07:40:43 -0700 (PDT) X-Google-Smtp-Source: AKy350bMyANJ/tfrpYikRJB4yz0/CCTfp0J8Nt0fvOyDNPmoIBmcZzUY1boFSk8xZflqIDWfFHuq X-Received: by 2002:a17:907:174a:b0:949:1e89:8fd4 with SMTP id lf10-20020a170907174a00b009491e898fd4mr3034548ejc.69.1680705643324; Wed, 05 Apr 2023 07:40:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1680705643; cv=none; d=google.com; s=arc-20160816; b=fQLYZjEC3vlitMavktML/KEvl64D3uIcRrhzsDHWeRa01tR2P2XAqLMkcheEBNQA4e XBYpP90Gm3lztL32HyS0WD8hUpGQfHmUoBIFP03/75fBxG6EqMCVsmyWeqHFbvg/QY5e ZUFjOq5O+APIJiYsp16CJa/0V6VI1tMMXehDG0+EinhRo6wpRd0feGD5qgAiMZX9Q+X+ TAUb7YLPhClBqwEcc/ri9p5j+5JlsnWr2QlPdy54yIP+vx122JOYD4J4AbnVot1B4IK2 bf8yS5RoqaZo2jPAQkVH7U5kGgIUegbu9Dclewg3QoOGWArWTs+OUX6gZdLotyAjz3v2 eW1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence :content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature:dmarc-filter :delivered-to; bh=2JYPPufBm17C8gJ68C7axxWbue6wBAVF6i2JaVFRM8c=; b=ROmFTYJxVBrRFvMbIZgq/pci3lM7thYf1d7dPjvi9KvDKY65hMGSMkkRyncXw0f/1y hak5MxKUbUckPHoAvVGgFJuzp8J1lMwkp6aIuotfDFwEeYSK/yayB4fj3jlySG7mVc3E SbifTSmncFnD8K8dVVlAa0pQzFsEkjruU3IpE5h8hHQmMYih5SuUowHrws20VNCHj5dV +Fnlmuc3AuXUls2e5o6bbQkJs+ruX/Vy50v/3wnAOguNL4d2YmOUVAf7Ck2Hx0CcDE8F 6FacyZotyYFfQ6yXMsDG+D05Xjfcw6cKlHXo6b+yuyMljXMPEdv8ghs6tppuHOPVZPGw k9+Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@embecosm.com header.s=google header.b=eLtRHGR1; spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org" Received: from sourceware.org (server2.sourceware.org. [2620:52:3:1:0:246e:9693:128c]) by mx.google.com with ESMTPS id d1-20020a170906304100b00947a7291940si1067689ejd.618.2023.04.05.07.40.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Apr 2023 07:40:43 -0700 (PDT) Received-SPF: pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) client-ip=2620:52:3:1:0:246e:9693:128c; Authentication-Results: mx.google.com; dkim=pass header.i=@embecosm.com header.s=google header.b=eLtRHGR1; spf=pass (google.com: domain of gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org designates 2620:52:3:1:0:246e:9693:128c as permitted sender) smtp.mailfrom="gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org" Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 885E039F9F6D for ; Wed, 5 Apr 2023 14:14:52 +0000 (GMT) X-Original-To: gcc-patches@gcc.gnu.org Delivered-To: gcc-patches@gcc.gnu.org Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) by sourceware.org (Postfix) with ESMTPS id C0ADB388201B for ; Wed, 5 Apr 2023 14:06:17 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C0ADB388201B Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=embecosm.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=embecosm.com Received: by mail-wr1-x42b.google.com with SMTP id v1so36337667wrv.1 for ; Wed, 05 Apr 2023 07:06:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=embecosm.com; s=google; t=1680703577; h=content-transfer-encoding:mime-version:reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:from:to:cc:subject :date:message-id:reply-to; bh=2JYPPufBm17C8gJ68C7axxWbue6wBAVF6i2JaVFRM8c=; b=eLtRHGR1fenvlfTi8zZqV2a2aOuZIATRQANX+TNU5tQV6H3ZDQJWIbRN2Rq9a3dcxL VLvggh2rUKRws+jL2CkI8BOnDDRH0az6JMaXfGuMx3+V23L/xRbE8N5W1k1kEYUaItf/ Z77vLxn5b8Qk6/LManz2Jt/Bh1xbcOKcevkfjjwJna15DM3kmeNdQF2OUNpYEe7KQyhX lUjZEWhzEiGRGgn8miWOFTsBUWZe2H+qe66Hqyoio4ludz9eUm+emPZm1UVMwiO2w7En tlPzioK8hNboTUsHV739Vyuk+q51yIqh48fREB9CJeyWlllPwbfUnYKSfqLi+51hJz9G O4XA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680703577; h=content-transfer-encoding:mime-version:reply-to:references :in-reply-to:message-id:date:subject:cc:to:from:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=2JYPPufBm17C8gJ68C7axxWbue6wBAVF6i2JaVFRM8c=; b=IBaHzDOp+VtCiNF7QaB6PzBG90peDvfJZm2W4b1XcXhtySL2V4haZJ9VpPViOV4GIO 9axL77MEi+QgYlhR42RyAdhpxpQHYn/AWvZmbXUCra7M0XJA3r5X9YhNPXo0FG2r3UEU WYGjE+7BVdoWSOqE77y9F3bomTdYN07+ifIOBhg/9oX5XquyQHsTq4s0vhAzKUKWe2Ah Ko2Ax5Q0/dzPJPFLk8on+mNteOLEb3UE22sFh9j7WGoUCqeiJaqF7nX20r1p4ZCamTZy QydTvxCLdQhT9mcGNyBKBOQzW7LBgLY+YUgyxJLFs4oqOGRCiBT8YAU2OKTB6Jqw10Q2 kwxA== X-Gm-Message-State: AAQBX9f2JHooxLumf/D1xq/a5AJ7nz5iUcqoP4fa2BwrxpJctWYAJWnO Xh5ogn0LrBdt+d1gHdJaHKDPgnyej7kqu9L9QQ== X-Received: by 2002:a5d:4ac5:0:b0:2cb:d8f1:1d31 with SMTP id y5-20020a5d4ac5000000b002cbd8f11d31mr3978374wrs.18.1680703577180; Wed, 05 Apr 2023 07:06:17 -0700 (PDT) Received: from platypus.localdomain ([62.23.166.218]) by smtp.gmail.com with ESMTPSA id ay8-20020a05600c1e0800b003edddae1068sm2330150wmb.9.2023.04.05.07.06.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Apr 2023 07:06:16 -0700 (PDT) From: arthur.cohen@embecosm.com To: gcc-patches@gcc.gnu.org Cc: gcc-rust@gcc.gnu.org, Pierre-Emmanuel Patry Subject: [committed 69/88] gccrs: lex: Prevent directories in RAIIFile Date: Wed, 5 Apr 2023 16:03:53 +0200 Message-Id: <20230405140411.3016563-70-arthur.cohen@embecosm.com> X-Mailer: git-send-email 2.40.0 In-Reply-To: <20230405140411.3016563-1-arthur.cohen@embecosm.com> References: <20230405140411.3016563-1-arthur.cohen@embecosm.com> MIME-Version: 1.0 X-Spam-Status: No, score=-14.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: arthur.cohen@embecosm.com Errors-To: gcc-patches-bounces+ouuuleilei=gmail.com@gcc.gnu.org Sender: "Gcc-patches" X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1762347600589506536?= X-GMAIL-MSGID: =?utf-8?q?1762347600589506536?= From: Pierre-Emmanuel Patry RAIIFile constructor was accepting directory filename. This lead to unattended directory opening in some part of the code (load_file_bytes) wich resulted in ice. Since RAIIFile are used for the lexer, removing the ability to open directories with RAIIFile fixes those issues and prevent future mistakes. gcc/rust/ChangeLog: * lex/rust-lex.h: Add file type check. Signed-off-by: Pierre-Emmanuel Patry --- gcc/rust/lex/rust-lex.h | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/gcc/rust/lex/rust-lex.h b/gcc/rust/lex/rust-lex.h index 2dd60b365ef..50424713df9 100644 --- a/gcc/rust/lex/rust-lex.h +++ b/gcc/rust/lex/rust-lex.h @@ -38,13 +38,37 @@ private: fclose (file); } + static bool allowed_filetype (const struct stat &statbuf) + { + // The file could be either + // - a regular file + // - a char device (/dev/null...) + return S_ISREG (statbuf.st_mode) || S_ISCHR (statbuf.st_mode); + } + public: RAIIFile (const char *filename) : filename (filename) { if (strcmp (filename, "-") == 0) - file = stdin; + { + file = stdin; + } else - file = fopen (filename, "r"); + { + struct stat statbuf; + if (!(file = fopen (filename, "r"))) + { + return; + } + + if (-1 == fstat (fileno (file), &statbuf) + || !allowed_filetype (statbuf)) + { + fclose (file); + file = nullptr; + errno = EISDIR; + } + } } /**