diff options
| author | NIIBE Yutaka <[email protected]> | 2023-07-14 06:49:23 +0000 |
|---|---|---|
| committer | NIIBE Yutaka <[email protected]> | 2023-07-14 06:49:23 +0000 |
| commit | 5d375bb1682548a70882f270f8c8bba7033ab642 (patch) | |
| tree | 61e5c426ad01a9fa49db58bf1acdf07581c18268 | |
| parent | sm: Fix open_es_fread and open_es_fwrite for gnupg_fd_t. (diff) | |
| download | gnupg-5d375bb1682548a70882f270f8c8bba7033ab642.tar.gz gnupg-5d375bb1682548a70882f270f8c8bba7033ab642.zip | |
gpg: Use is_secured_filename before opening the file.
* g10/gpg.c (print_mds): Check by is_secured_filename, earlier.
* g10/tdbdump.c (import_ownertrust): Likewise.
--
GnuPG-bug-id: 6508
Signed-off-by: NIIBE Yutaka <[email protected]>
| -rw-r--r-- | g10/gpg.c | 6 | ||||
| -rw-r--r-- | g10/tdbdump.c | 13 |
2 files changed, 8 insertions, 11 deletions
@@ -5622,13 +5622,13 @@ print_mds( const char *fname, int algo ) } else { - fp = es_fopen (fname, "rb" ); - if (fp && is_secured_file (es_fileno (fp))) + if (is_secured_filename (fname)) { - es_fclose (fp); fp = NULL; gpg_err_set_errno (EPERM); } + else + fp = es_fopen (fname, "rb" ); } if (!fp) { diff --git a/g10/tdbdump.c b/g10/tdbdump.c index 2a02ad108..9ff3f81a3 100644 --- a/g10/tdbdump.c +++ b/g10/tdbdump.c @@ -141,19 +141,16 @@ import_ownertrust (ctrl_t ctrl, const char *fname ) fname = "[stdin]"; is_stdin = 1; } + else if (is_secured_filename (fname)) { + gpg_err_set_errno (EPERM); + log_error (_("can't open '%s': %s\n"), fname, strerror(errno) ); + return; + } else if( !(fp = es_fopen( fname, "r" )) ) { log_error ( _("can't open '%s': %s\n"), fname, strerror(errno) ); return; } - if (is_secured_file (es_fileno (fp))) - { - es_fclose (fp); - gpg_err_set_errno (EPERM); - log_error (_("can't open '%s': %s\n"), fname, strerror(errno) ); - return; - } - while (es_fgets (line, DIM(line)-1, fp)) { TRUSTREC rec; |