From 713cde4bd701dd53ed46d01f43c9e9e7b82dc514 Mon Sep 17 00:00:00 2001 From: Simon Ruderich Date: Sun, 4 Apr 2021 10:35:22 +0200 Subject: [PATCH] sync: refactor file opening into OpenFileNoFollow() Make it public because it will be used by other packages in the next commit. --- cmd/safcm-remote/sync/files.go | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/cmd/safcm-remote/sync/files.go b/cmd/safcm-remote/sync/files.go index 06bc406..12508ce 100644 --- a/cmd/safcm-remote/sync/files.go +++ b/cmd/safcm-remote/sync/files.go @@ -110,10 +110,7 @@ func (s *Sync) syncFile(file *safcm.File, changed *bool) error { var oldStat fs.FileInfo reopen: - oldFh, err := os.OpenFile(file.Path, - // O_NOFOLLOW prevents symlink attacks - // O_NONBLOCK is necessary to prevent blocking on FIFOs - os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0) + oldFh, err := OpenFileNoFollow(file.Path) if err != nil { err := err.(*fs.PathError) if err.Err == syscall.ELOOP { @@ -273,8 +270,7 @@ reopen: // a symlink at this point. There's no lchmod so open the // directory. debugf("chmodding %s", file.Mode) - dh, err := os.OpenFile(file.Path, - os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0) + dh, err := OpenFileNoFollow(file.Path) if err != nil { return err } @@ -502,6 +498,13 @@ func diffData(oldData []byte, newData []byte) (string, error) { return result, nil } +func OpenFileNoFollow(path string) (*os.File, error) { + return os.OpenFile(path, + // O_NOFOLLOW prevents symlink attacks + // O_NONBLOCK is necessary to prevent blocking on FIFOs + os.O_RDONLY|syscall.O_NOFOLLOW|syscall.O_NONBLOCK, 0) +} + // syncPath syncs path, which should be a directory. To guarantee durability // it must be called on a parent directory after adding, renaming or removing // files therein. -- 2.45.2