From: Simon Ruderich Date: Sun, 4 Apr 2021 08:35:22 +0000 (+0200) Subject: sync: refactor file opening into OpenFileNoFollow() X-Git-Url: https://ruderich.org/simon/gitweb/?a=commitdiff_plain;h=713cde4bd701dd53ed46d01f43c9e9e7b82dc514;p=safcm%2Fsafcm.git sync: refactor file opening into OpenFileNoFollow() Make it public because it will be used by other packages in the next commit. --- diff --git a/cmd/safcm-remote/sync/files.go b/cmd/safcm-remote/sync/files.go index 06bc406..12508ce 100644 --- a/cmd/safcm-remote/sync/files.go +++ b/cmd/safcm-remote/sync/files.go @@ -110,10 +110,7 @@ func (s *Sync) syncFile(file *safcm.File, changed *bool) error { var oldStat fs.FileInfo reopen: - oldFh, err := os.OpenFile(file.Path, - // O_NOFOLLOW prevents symlink attacks - // O_NONBLOCK is necessary to prevent blocking on FIFOs - os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0) + oldFh, err := OpenFileNoFollow(file.Path) if err != nil { err := err.(*fs.PathError) if err.Err == syscall.ELOOP { @@ -273,8 +270,7 @@ reopen: // a symlink at this point. There's no lchmod so open the // directory. debugf("chmodding %s", file.Mode) - dh, err := os.OpenFile(file.Path, - os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0) + dh, err := OpenFileNoFollow(file.Path) if err != nil { return err } @@ -502,6 +498,13 @@ func diffData(oldData []byte, newData []byte) (string, error) { return result, nil } +func OpenFileNoFollow(path string) (*os.File, error) { + return os.OpenFile(path, + // O_NOFOLLOW prevents symlink attacks + // O_NONBLOCK is necessary to prevent blocking on FIFOs + os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0) +} + // syncPath syncs path, which should be a directory. To guarantee durability // it must be called on a parent directory after adding, renaming or removing // files therein.