Permalink
Browse files

Fall back compiler whitelist check if faccessat() isn't available.

  • Loading branch information...
RJVB authored and shawnl committed May 24, 2018
1 parent bb4d613 commit 07c1eaa4c1c9514c7ad4ce8414e9be768fd51c9f
Showing with 22 additions and 5 deletions.
  1. +1 −1 configure.ac
  2. +21 −4 src/serve.c
@@ -383,7 +383,7 @@ AC_CHECK_FUNCS([strndup strsep mmap strlcpy])
AC_CHECK_FUNCS([getloadavg])
AC_CHECK_FUNCS([getline])
AC_CHECK_FUNCS([fstatat],[],[AC_MSG_WARN([fstatat() not available; distccd will be slightly less secure])])
AC_CHECK_FUNCS([fstatat])
AC_CHECK_DECLS([snprintf, vsnprintf, vasprintf, asprintf, strndup])
@@ -370,9 +370,7 @@ static int dcc_check_compiler_masq(char *compiler_name)
**/
static int dcc_check_compiler_whitelist(char *_compiler_name)
{
#ifdef HAVE_FSTATAT
char *compiler_name = _compiler_name;
int dirfd = -1;
/* Support QtCreator by treating /usr/bin and /bin absolute paths as non-absolute
* see https://github.com/distcc/distcc/issues/279
@@ -387,7 +385,8 @@ static int dcc_check_compiler_whitelist(char *_compiler_name)
return EXIT_BAD_ARGUMENTS;
}
dirfd = open(LIBDIR "/distcc", O_RDONLY);
#ifdef HAVE_FSTATAT
int dirfd = open(LIBDIR "/distcc", O_RDONLY);
if (dirfd < 0) {
if (errno == ENOENT)
rs_log_crit("no %s", LIBDIR "/distcc");
@@ -400,8 +399,26 @@ static int dcc_check_compiler_whitelist(char *_compiler_name)
}
rs_trace("%s in" LIBDIR "/distcc whitelist", compiler_name);
#endif
return 0;
#else
// make do with access():
char *compiler_path = NULL;
int ret = 0;
if (asprintf(&compiler_path, "%s/distcc/%s", LIBDIR, compiler_name) && compiler_path) {
if (access(compiler_path, X_OK) < 0) {
rs_log_crit("%s not in %s whitelist.", compiler_name, LIBDIR "/distcc");
ret = EXIT_BAD_ARGUMENTS; /* ENOENT, EACCESS, etc */
}
rs_trace("%s in" LIBDIR "/distcc whitelist", compiler_name);
} else {
rs_log_crit("Couldn't check if %s is in %s whitelist.", compiler_name, LIBDIR "/distcc");
ret = EXIT_DISTCC_FAILED;
}
if (compiler_path) {
free(compiler_path);
}
return ret;
#endif
}
static const char *include_options[] = {

0 comments on commit 07c1eaa

Please sign in to comment.