diff options
| author | NIIBE Yutaka <[email protected]> | 2023-07-11 04:49:41 +0000 |
|---|---|---|
| committer | NIIBE Yutaka <[email protected]> | 2023-07-11 04:49:41 +0000 |
| commit | 067bc2ed4c842eb8975bd68f58fc804e3bd74dcd (patch) | |
| tree | 828ff13f7fc6a7884bdbf7422e478bcd5a50d99d | |
| parent | common: Change iobuf_fdopen argument type to gnupg_fd_t. (diff) | |
| download | gnupg-067bc2ed4c842eb8975bd68f58fc804e3bd74dcd.tar.gz gnupg-067bc2ed4c842eb8975bd68f58fc804e3bd74dcd.zip | |
gpg: Move the check by is_secured_file earlier.
* g10/decrypt.c (decrypt_message_fd): Call is_secured_file here.
* g10/plaintext.c (get_output_file): Remove the call.
--
Fixes-commit: 71625f56fd98ab37bc05f1806b4b49a2e418ac37
GnuPG-bug-id: 6580
Signed-off-by: NIIBE Yutaka <[email protected]>
| -rw-r--r-- | g10/decrypt.c | 12 | ||||
| -rw-r--r-- | g10/plaintext.c | 8 |
2 files changed, 13 insertions, 7 deletions
diff --git a/g10/decrypt.c b/g10/decrypt.c index 64ba0b7f1..0c2c51617 100644 --- a/g10/decrypt.c +++ b/g10/decrypt.c @@ -139,6 +139,18 @@ decrypt_message_fd (ctrl_t ctrl, gnupg_fd_t input_fd, return err; } + if (is_secured_file (output_fd)) + { + char xname[64]; + + err = gpg_error (GPG_ERR_EPERM); + snprintf (xname, sizeof xname, "[fd %d]", (int)(intptr_t)output_fd); + log_error (_("can't open '%s': %s\n"), xname, gpg_strerror (err)); + iobuf_close (fp); + release_progress_context (pfx); + return err; + } + opt.outfp = open_stream_nc (output_fd, "w"); if (!opt.outfp) { diff --git a/g10/plaintext.c b/g10/plaintext.c index 9544ddf03..03ddadcec 100644 --- a/g10/plaintext.c +++ b/g10/plaintext.c @@ -145,13 +145,7 @@ get_output_file (const byte *embedded_name, int embedded_namelen, } } - if (opt.outfp && is_secured_file (es_fileno (opt.outfp))) - { - err = gpg_error (GPG_ERR_EPERM); - log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err)); - goto leave; - } - else if (fp || nooutput) + if (fp || nooutput) ; else if (is_secured_filename (fname)) { |