From: guenther <guenther@openbsd.org>
Date: Mon, 11 May 2015 00:42:54 +0000 (+0000)
Subject: When checking flags that will be passed to open(), test the O_ACCMODE portion
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=dc519336cc6495b5a61e8b6564dc5dc717ce145a;p=openbsd

When checking flags that will be passed to open(), test the O_ACCMODE portion
separately to avoid false negatives.

ok miod@ millert@
---

diff --git a/lib/libc/db/db/db.c b/lib/libc/db/db/db.c
index 0e1c84417d1..8c5f78dacf7 100644
--- a/lib/libc/db/db/db.c
+++ b/lib/libc/db/db/db.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: db.c,v 1.10 2005/08/05 13:03:00 espie Exp $	*/
+/*	$OpenBSD: db.c,v 1.11 2015/05/11 00:42:54 guenther Exp $	*/
 
 /*-
  * Copyright (c) 1991, 1993
@@ -48,9 +48,10 @@ dbopen(const char *fname, int flags, int mode, DBTYPE type,
 #define	DB_FLAGS	(DB_LOCK | DB_SHMEM | DB_TXN)
 #define	USE_OPEN_FLAGS							\
 	(O_CREAT | O_EXCL | O_EXLOCK | O_NOFOLLOW | O_NONBLOCK | 	\
-	 O_RDONLY | O_RDWR | O_SHLOCK | O_SYNC | O_TRUNC)
+	 O_SHLOCK | O_SYNC | O_TRUNC)
 
-	if ((flags & ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0)
+	if (((flags & O_ACCMODE) == O_RDONLY || (flags & O_ACCMODE) == O_RDWR)
+	    && (flags & ~(O_ACCMODE | USE_OPEN_FLAGS | DB_FLAGS)) == 0)
 		switch (type) {
 		case DB_BTREE:
 			return (__bt_open(fname, flags & USE_OPEN_FLAGS,
diff --git a/lib/libc/gen/shm_open.c b/lib/libc/gen/shm_open.c
index 4e15bfa6689..1ebe7c86257 100644
--- a/lib/libc/gen/shm_open.c
+++ b/lib/libc/gen/shm_open.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: shm_open.c,v 1.4 2013/11/12 06:09:48 deraadt Exp $ */
+/* $OpenBSD: shm_open.c,v 1.5 2015/05/11 00:42:54 guenther Exp $ */
 /*
  * Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
  *
@@ -31,6 +31,9 @@
 /* "/tmp/" + sha256 + ".shm" */
 #define SHM_PATH_SIZE (5 + SHA256_DIGEST_STRING_LENGTH + 4)
 
+/* O_CLOEXEC and O_NOFOLLOW are extensions to POSIX */
+#define OK_FLAGS	(O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC | O_NOFOLLOW)
+
 static void
 makeshmpath(const char *origpath, char *shmpath, size_t len)
 {
@@ -47,8 +50,8 @@ shm_open(const char *path, int flags, mode_t mode)
 	struct stat sb;
 	int fd;
 
-	if (flags & ~(O_RDONLY | O_RDWR |
-	    O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC | O_NOFOLLOW)) {
+	if (((flags & O_ACCMODE) != O_RDONLY && (flags & O_ACCMODE) != O_RDWR)
+	    || (flags & ~(O_ACCMODE | OK_FLAGS))) {
 		errno = EINVAL;
 		return -1;
 	}
diff --git a/lib/libc/stdlib/posix_pty.c b/lib/libc/stdlib/posix_pty.c
index a2025ddbb61..72b5d527cc5 100644
--- a/lib/libc/stdlib/posix_pty.c
+++ b/lib/libc/stdlib/posix_pty.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: posix_pty.c,v 1.1 2012/12/03 20:08:33 millert Exp $	*/
+/*	$OpenBSD: posix_pty.c,v 1.2 2015/05/11 00:42:54 guenther Exp $	*/
 
 /*
  * Copyright (c) 2012 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -35,7 +35,8 @@ posix_openpt(int oflag)
 	int fd, mfd = -1;
 
 	/* User must specify O_RDWR in oflag. */
-	if (!(oflag & O_RDWR)) {
+	if ((oflag & O_ACCMODE) != O_RDWR ||
+	    (oflag & ~(O_ACCMODE | O_NOCTTY)) != 0) {
 		errno = EINVAL;
 		return -1;
 	}
diff --git a/lib/libkvm/kvm.c b/lib/libkvm/kvm.c
index ceeb2f6d6fa..ee97c433b16 100644
--- a/lib/libkvm/kvm.c
+++ b/lib/libkvm/kvm.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kvm.c,v 1.54 2015/01/16 16:48:51 deraadt Exp $ */
+/*	$OpenBSD: kvm.c,v 1.55 2015/05/11 00:42:54 guenther Exp $ */
 /*	$NetBSD: kvm.c,v 1.43 1996/05/05 04:31:59 gwr Exp $	*/
 
 /*-
@@ -198,7 +198,7 @@ _kvm_open(kvm_t *kd, const char *uf, const char *mf, const char *sf,
 		_kvm_err(kd, kd->program, "exec file name too long");
 		goto failed;
 	}
-	if (flag & ~O_ACCMODE) {
+	if (flag != O_RDONLY && flag != O_WRONLY && flag != O_RDWR) {
 		_kvm_err(kd, kd->program, "bad flags arg");
 		goto failed;
 	}