Modify pkg_audit functions to have a default value for the vulnerability file
Baptiste Daroussin committed 9 years ago
commit 3b2541ed490ce34117036be55ef57f699a2ba308
parent 1b3efc4
2 files changed +26 -13
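--- a/libpkg/pkg_audit.c
+++ b/libpkg/pkg_audit.c
@@ -250,6 +250,7 @@ pkg_audit_fetch(const char *src, const char *dest)
 	time_t t = 0;
 	struct stat st;
 	struct pkg_audit_extract_cbdata cbdata;
+	int dfd = -1;
 
 	tmpdir = getenv("TMPDIR");
 	if (tmpdir == NULL)
@@ -258,8 +259,14 @@ pkg_audit_fetch(const char *src, const char *dest)
 	strlcpy(tmp, tmpdir, sizeof(tmp));
 	strlcat(tmp, "/vuln.xml.bz2.XXXXXXXX", sizeof(tmp));
 
-	if (stat(dest, &st) != -1)
-		t = st.st_mtime;
+	if (dest != NULL) {
+		if (stat(dest, &st) != -1)
+			t = st.st_mtime;
+	} else {
+		dfd = pkg_get_dbdirfd();
+		if (fstatat(dfd, "vuln.xml", &st, 0) != -1)
+			t = st.st_mtime;
+	}
 
 	switch (pkg_fetch_file_tmp(NULL, src, tmp, t)) {
 	case EPKG_OK:
@@ -280,8 +287,13 @@ pkg_audit_fetch(const char *src, const char *dest)
 		goto cleanup;
 	}
 	/* Open out fd */
-	outfd = open(dest, O_RDWR|O_CREAT|O_TRUNC,
-			S_IRUSR|S_IRGRP|S_IROTH);
+	if (dest != NULL) {
+		outfd = open(dest, O_RDWR|O_CREAT|O_TRUNC,
+		    S_IRUSR|S_IRGRP|S_IROTH);
+	} else {
+		outfd = openat(dfd, "vuln.xml", O_RDWR|O_CREAT|O_TRUNC,
+		    S_IRUSR|S_IRGRP|S_IROTH);
+	}
 	if (outfd == -1) {
 		pkg_emit_errno("pkg_audit_fetch", "open out fd");
 		goto cleanup;
@@ -850,12 +862,18 @@ pkg_audit_new(void)
 int
 pkg_audit_load(struct pkg_audit *audit, const char *fname)
 {
-	int fd;
+	int dfd, fd;
 	void *mem;
 	struct stat st;
 
-	if ((fd = open(fname, O_RDONLY)) == -1)
-		return (EPKG_FATAL);
+	if (fname != NULL) {
+		if ((fd = open(fname, O_RDONLY)) == -1)
+			return (EPKG_FATAL);
+	} else {
+		dfd = pkg_get_dbdirfd();
+		if ((fd = openat(dfd, "vuln.xml", O_RDONLY)) == -1)
+			return (EPKG_FATAL);
+	}
 
 	if (fstat(fd, &st) == -1) {
 		close(fd);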
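Review bot: The descriptor returned by `pkg_get_dbdirfd()` is used unchecked in both new `else` branches. If it can return -1 (its definition is not shown here), `fstatat()` and `openat()` fail on a bad descriptor and the caller sees only "open out fd" or a bare `EPKG_FATAL`, with no hint that the database directory itself could not be opened. In `pkg_audit_fetch()` the failure would also surface only after the download, because the `fstatat()` error is ignored, `t` stays 0, and `pkg_fetch_file_tmp()` runs before the `openat()`. In `pkg_audit_load()` a guard such as `if ((dfd = pkg_get_dbdirfd()) == -1) return (EPKG_FATAL);` would do, with an equivalent check plus a `pkg_emit_errno()` call right after the assignment in the fetch path. Both functions continue outside the visible hunks.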
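--- a/src/audit.c
+++ b/src/audit.c
@@ -116,11 +116,9 @@ exec_audit(int argc, char **argv)
 	struct pkgdb		*db = NULL;
 	struct pkgdb_it		*it = NULL;
 	struct pkg		*pkg = NULL;
-	const char		*db_dir;
 	char			*name;
 	char			*version;
-	char			 audit_file_buf[MAXPATHLEN];
-	char			*audit_file = audit_file_buf;
+	char			*audit_file = NULL;
 	unsigned int		 vuln = 0;
 	bool			 fetch = false, recursive = false;
 	int			 ch, i;
@@ -129,9 +127,6 @@ exec_audit(int argc, char **argv)
 	struct sbuf		*sb;
 	kh_pkgs_t		*check = NULL;
 
-	db_dir = pkg_object_string(pkg_config_get("PKG_DBDIR"));
-	snprintf(audit_file_buf, sizeof(audit_file_buf), "%s/vuln.xml", db_dir);
-
 	struct option longopts[] = {
 		{ "fetch",	no_argument,		NULL,	'F' },
 		{ "file",	required_argument,	NULL,	'f' },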
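Review bot: With `audit_file` now defaulting to `NULL`, any later use in `exec_audit()` that treats it as a string, such as a `%s` in a warning or a path call, would receive a null pointer whenever `-f` is not given. Those uses lie outside the visible hunks, so this needs confirming against the rest of the function. Passing `NULL` to `%s` is undefined behaviour, and the "cannot open vulnerability file" message is exactly where an operator needs a usable path. If such a message exists, something like `audit_file != NULL ? audit_file : "vuln.xml"` keeps it well-defined. A short comment on the declaration, e.g. `/* NULL: use vuln.xml in the package database directory */`, would also record the new contract.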