When checking flags that will be passed to open(), test the O_ACCMODE portion

separately to avoid false negatives.

ok miod@ millert@

diff --git a/lib/libc/db/db/db.c b/lib/libc/db/db/db.c
index 0e1c844..8c5f78d 100644 (file)
--- a/lib/libc/db/db/db.c
+++ b/lib/libc/db/db/db.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: db.c,v 1.10 2005/08/05 13:03:00 espie Exp $   */
+/*     $OpenBSD: db.c,v 1.11 2015/05/11 00:42:54 guenther Exp $        */
 
 /*-
  * Copyright (c) 1991, 1993
@@ -48,9 +48,10 @@ dbopen(const char *fname, int flags, int mode, DBTYPE type,
 #define        DB_FLAGS        (DB_LOCK | DB_SHMEM | DB_TXN)
 #define        USE_OPEN_FLAGS                                                  \
        (O_CREAT | O_EXCL | O_EXLOCK | O_NOFOLLOW | O_NONBLOCK |        \
-        O_RDONLY | O_RDWR | O_SHLOCK | O_SYNC | O_TRUNC)
+        O_SHLOCK | O_SYNC | O_TRUNC)
 
-       if ((flags & ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0)
+       if (((flags & O_ACCMODE) == O_RDONLY || (flags & O_ACCMODE) == O_RDWR)
+           && (flags & ~(O_ACCMODE | USE_OPEN_FLAGS | DB_FLAGS)) == 0)
                switch (type) {
                case DB_BTREE:
                        return (__bt_open(fname, flags & USE_OPEN_FLAGS,

diff --git a/lib/libc/gen/shm_open.c b/lib/libc/gen/shm_open.c
index 4e15bfa..1ebe7c8 100644 (file)
--- a/lib/libc/gen/shm_open.c
+++ b/lib/libc/gen/shm_open.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: shm_open.c,v 1.4 2013/11/12 06:09:48 deraadt Exp $ */
+/* $OpenBSD: shm_open.c,v 1.5 2015/05/11 00:42:54 guenther Exp $ */
 /*
  * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
  *
@@ -31,6 +31,9 @@
 /* "/tmp/" + sha256 + ".shm" */
 #define SHM_PATH_SIZE (5 + SHA256_DIGEST_STRING_LENGTH + 4)
 
+/* O_CLOEXEC and O_NOFOLLOW are extensions to POSIX */
+#define OK_FLAGS       (O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC | O_NOFOLLOW)
+
 static void
 makeshmpath(const char *origpath, char *shmpath, size_t len)
 {
@@ -47,8 +50,8 @@ shm_open(const char *path, int flags, mode_t mode)
        struct stat sb;
        int fd;
 
-       if (flags & ~(O_RDONLY | O_RDWR |
-           O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC | O_NOFOLLOW)) {
+       if (((flags & O_ACCMODE) != O_RDONLY && (flags & O_ACCMODE) != O_RDWR)
+           || (flags & ~(O_ACCMODE | OK_FLAGS))) {
                errno = EINVAL;
                return -1;
        }

diff --git a/lib/libc/stdlib/posix_pty.c b/lib/libc/stdlib/posix_pty.c
index a2025dd..72b5d52 100644 (file)
--- a/lib/libc/stdlib/posix_pty.c
+++ b/lib/libc/stdlib/posix_pty.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: posix_pty.c,v 1.1 2012/12/03 20:08:33 millert Exp $   */
+/*     $OpenBSD: posix_pty.c,v 1.2 2015/05/11 00:42:54 guenther Exp $  */
 
 /*
  * Copyright (c) 2012 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -35,7 +35,8 @@ posix_openpt(int oflag)
        int fd, mfd = -1;
 
        /* User must specify O_RDWR in oflag. */
-       if (!(oflag & O_RDWR)) {
+       if ((oflag & O_ACCMODE) != O_RDWR ||
+           (oflag & ~(O_ACCMODE | O_NOCTTY)) != 0) {
                errno = EINVAL;
                return -1;
        }

diff --git a/lib/libkvm/kvm.c b/lib/libkvm/kvm.c
index ceeb2f6..ee97c43 100644 (file)
--- a/lib/libkvm/kvm.c
+++ b/lib/libkvm/kvm.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kvm.c,v 1.54 2015/01/16 16:48:51 deraadt Exp $ */
+/*     $OpenBSD: kvm.c,v 1.55 2015/05/11 00:42:54 guenther Exp $ */
 /*     $NetBSD: kvm.c,v 1.43 1996/05/05 04:31:59 gwr Exp $     */
 
 /*-
@@ -198,7 +198,7 @@ _kvm_open(kvm_t *kd, const char *uf, const char *mf, const char *sf,
                _kvm_err(kd, kd->program, "exec file name too long");
                goto failed;
        }
-       if (flag & ~O_ACCMODE) {
+       if (flag != O_RDONLY && flag != O_WRONLY && flag != O_RDWR) {
                _kvm_err(kd, kd->program, "bad flags arg");
                goto failed;
        }