* [PATCH 5/6] wwwstatic: avoid TOCTTOU for FIFO check
2020-01-01 10:38 7% [PATCH 0/6] wwwstatic: support directory listings Eric Wong
@ 2020-01-01 10:38 7% ` Eric Wong
0 siblings, 0 replies; 2+ results
From: Eric Wong @ 2020-01-01 10:38 UTC (permalink / raw)
To: meta
We can use Perl's sysopen function to pass O_NONBLOCK to open(2)
and avoid blocking on FIFOs. This avoids a TOCTTOU race where
somebody can change a regular to FIFO in between the stat(2) and
open(2) syscalls.
---
lib/PublicInbox/WwwStatic.pm | 17 +++++++++++------
1 file changed, 11 insertions(+), 6 deletions(-)
diff --git a/lib/PublicInbox/WwwStatic.pm b/lib/PublicInbox/WwwStatic.pm
index 093a7920..ce4bfe9b 100644
--- a/lib/PublicInbox/WwwStatic.pm
+++ b/lib/PublicInbox/WwwStatic.pm
@@ -4,9 +4,10 @@
package PublicInbox::WwwStatic;
use strict;
use parent qw(Exporter);
-use Fcntl qw(:seek);
+use Fcntl qw(SEEK_SET O_RDONLY O_NONBLOCK);
use HTTP::Date qw(time2str);
use HTTP::Status qw(status_message);
+use Errno qw(EACCES ENOTDIR ENOENT);
our @EXPORT_OK = qw(@NO_CACHE r);
our @NO_CACHE = ('Expires', 'Fri, 01 Jan 1980 00:00:00 GMT',
@@ -70,15 +71,19 @@ sub prepare_range {
sub response {
my ($env, $h, $path, $type) = @_;
- return r(404) unless -f $path && -r _; # just in case it's a FIFO :P
- my ($size, $in);
+ my $in;
if ($env->{REQUEST_METHOD} eq 'HEAD') {
- $size = -s _;
+ return r(404) unless -f $path && -r _; # in case it's a FIFO :P
} else { # GET, callers should've already filtered out other methods
- open $in, '<', $path or return r(403);
- $size = -s $in;
+ if (!sysopen($in, $path, O_RDONLY|O_NONBLOCK)) {
+ return r(404) if $! == ENOENT || $! == ENOTDIR;
+ return r(403) if $! == EACCES;
+ return r(500);
+ }
+ return r(404) unless -f $in;
}
+ my $size = -s _; # bare "_" reuses "struct stat" from "-f" above
my $mtime = time2str((stat(_))[9]);
if (my $ims = $env->{HTTP_IF_MODIFIED_SINCE}) {
^ permalink raw reply related [relevance 7%]
* [PATCH 0/6] wwwstatic: support directory listings
@ 2020-01-01 10:38 7% Eric Wong
2020-01-01 10:38 7% ` [PATCH 5/6] wwwstatic: avoid TOCTTOU for FIFO check Eric Wong
0 siblings, 1 reply; 2+ results
From: Eric Wong @ 2020-01-01 10:38 UTC (permalink / raw)
To: meta
Now it'll be possible to replicate the timeless web design
of https://public-inbox.org/ with our own PSGI code!
I imagine per-inbox docroots might be useful for serving git
bundles, tarball releases, bundles, and maybe altid snapshots,
too.
Eric Wong (6):
wwwstatic: implement Last-Modified and If-Modified-Since
www: move more logic into path_info_raw
wwwstatic: move r(...) functions here
wwwstatic: do not open() files for HEAD requests
wwwstatic: avoid TOCTTOU for FIFO check
wwwstatic: add directory listing + index.html support
MANIFEST | 1 +
lib/PublicInbox/Cgit.pm | 9 +-
lib/PublicInbox/GitHTTPBackend.pm | 19 +--
lib/PublicInbox/WWW.pm | 23 +--
lib/PublicInbox/WwwHighlight.pm | 9 +-
lib/PublicInbox/WwwStatic.pm | 256 ++++++++++++++++++++++++++++--
t/www_static.t | 96 +++++++++++
xt/git-http-backend.t | 20 +++
8 files changed, 368 insertions(+), 65 deletions(-)
create mode 100644 t/www_static.t
^ permalink raw reply [relevance 7%]
Results 1-2 of 2 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2020-01-01 10:38 7% [PATCH 0/6] wwwstatic: support directory listings Eric Wong
2020-01-01 10:38 7% ` [PATCH 5/6] wwwstatic: avoid TOCTTOU for FIFO check Eric Wong
Code repositories for project(s) associated with this public inbox
https://80x24.org/public-inbox.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).