From: Chris Allegretta Date: Sat, 2 Dec 2000 04:36:50 +0000 (+0000) Subject: Okay, so if the .save file is a symlink, don't write to it, abort X-Git-Tag: v0.9.22~14 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=3dbb2783d36b96e0a4dd2ada706afa795fdefbd2;p=nano.git Okay, so if the .save file is a symlink, don't write to it, abort git-svn-id: svn://svn.savannah.gnu.org/nano/trunk/nano@361 35c25a1d-7b9e-4130-9fde-d3aeb78583b8 --- diff --git a/ChangeLog b/ChangeLog index 73452f32..651b2ffd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -23,6 +23,7 @@ CVS code - - files.c: write_file() - Unsetting modified on temp files bug fixed (Rocco Corsi). + - Okay, if tmp == 1 and the file is a symlink, we return -1. do_insertfile() - Added call to real_name_from tilde, oops. Added check for DISABLE_TABCOMP. @@ -60,7 +61,7 @@ CVS code - die() - Now creates .save file using variable-length strings. Also calls write_file with tmp == 1, which happens to do exactly what - we want (ignore symlinks and use mode 0600). + we want (abort on save file is a symlink and use mode 0600). handle_sighup() - Now calls die instead of writing on its own and exiting normally. - search.c: diff --git a/files.c b/files.c index 05d31d87..3fd29143 100644 --- a/files.c +++ b/files.c @@ -293,8 +293,8 @@ int do_insertfile(void) * we don't set the global variable filename to it's name, and don't * print out how many lines we wrote on the statusbar. * - * Note that tmp is only set to 1 for storing temporary files internal - * to the editor, and is completely different from TEMP_OPT. + * tmp means we are writing a tmp file in a secute fashion. We use + * it when spell checking or dumping the file on an error. */ int write_file(char *name, int tmp) { 
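Review bot: In the `write_file()` header comment in files.c, the new text has the typo "secute" and says only that tmp writes happen "in a secure fashion", without stating what a caller can rely on. Since a later hunk makes the `tmp` case return -1 when the target is a symlink, the comment should say so, e.g. `* If tmp is set and the target is a symlink, nothing is written and -1 is returned.` The function body continues outside this hunk.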
@@ -326,9 +326,13 @@ int write_file(char *name, int tmp) cause unexpected behavior */ lstat(realname, &st); - /* Open the file and truncate it. Trust the symlink. */ - if (!tmp && (ISSET(FOLLOW_SYMLINKS) || !S_ISLNK(st.st_mode))) { + /* New case: if it's a symlink and tmp is set, abort. It could be + a symlink attack */ + if (tmp && S_ISLNK(st.st_mode)) + return -1; + else if (!tmp && (ISSET(FOLLOW_SYMLINKS) || !S_ISLNK(st.st_mode))) { + /* Open the file and truncate it. Trust the symlink. */ if ((fd = open(realname, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)) == -1) { diff --git a/nano.c b/nano.c index 90b540a8..50f0f581 100644 --- a/nano.c +++ b/nano.c @@ -104,24 +104,25 @@ RETSIGTYPE finish(int sigage) void die(char *msg, ...) { va_list ap; + char *name; + int i; va_start(ap, msg); vfprintf(stderr, msg, ap); va_end(ap); - /* No following symlinks when we dump the file contents */ - UNSET(FOLLOW_SYMLINKS); - /* if we can't save we have REAL bad problems, * but we might as well TRY. */ if (filename[0] == '\0') { - write_file("nano.save", 1); + name = "nano.save"; + i = write_file(name, 1); } else { char *buf = nmalloc(strlen(filename) + 6); strcpy(buf, filename); strcat(buf, ".save"); - write_file(buf, 1); + i = write_file(buf, 1); + name = buf; } /* Restore the old term settings */ tcsetattr(0, TCSANOW, &oldterm); @@ -132,7 +133,11 @@ void die(char *msg, ...) endwin(); fprintf(stderr, msg); - fprintf(stderr, _("\nBuffer written to 'nano.save'\n")); + fprintf(stderr, "\n"); + if (i != -1) + fprintf(stderr, _("\nBuffer written to %s\n"), name); + else + fprintf(stderr, _("No .save file written (symlink encountered?)\n")); exit(1); /* We have a problem: exit w/ errorlevel(1) */ } 
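Review bot: In files.c `write_file()`, the new `tmp && S_ISLNK(st.st_mode)` test runs before the file is opened, so a link created at that path between the `lstat()` and the open used for the tmp case would still be followed if that open, which is outside this hunk, does not itself refuse links. Passing `O_CREAT | O_EXCL` to that open makes the kernel reject an existing path, symlink included, which closes the window rather than narrowing it. Separately, the result of `lstat(realname, &st)` is not checked, so when the file does not exist the test reads whatever `st` holds unless it is initialised outside the hunk; `if (lstat(realname, &st) == -1) st.st_mode = 0;` would make that case explicit.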
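Review bot: In the first nano.c hunk, `die()` loses `UNSET(FOLLOW_SYMLINKS)` together with its comment, so nothing at the call sites says that the symlink protection now lives in the `tmp` path of `write_file()`. A one-line comment above the two calls, e.g. `/* write_file(name, 1) refuses to write through a symlink and returns -1 */`, would keep that dependency visible. The status variable would also read better as `ret` than `i`. `die()` continues into the next hunk.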
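Review bot: The context line `fprintf(stderr, msg);` in the second `die()` hunk passes the caller's format string with no arguments, although `die()` is variadic and its first print (previous hunk) goes through `vfprintf(stderr, msg, ap)`; any conversion in `msg` makes this second call read arguments that are not there. Since this hunk rewrites the lines right after it, replace the call with `va_start(ap, msg); vfprintf(stderr, msg, ap); va_end(ap);`. Also, the new `fprintf(stderr, "\n");` is followed on success by a message that itself begins with `\n`, so an empty line is printed on success only; dropping one of the two would make both outcomes consistent.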
@@ -1364,8 +1369,10 @@ int do_spell(void) return 0; } - if (write_file(temp, 1) == -1) + if (write_file(temp, 1) == -1) { + statusbar(_("Spell checking failed: unable to write temp file!")); return 0; + } if (alt_speller) spell_res = do_alt_speller(temp); diff --git a/po/nano.pot b/po/nano.pot index eeabc1c0..5be7d7cd 100644 --- a/po/nano.pot +++ b/po/nano.pot @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" -"POT-Creation-Date: 2000-12-01 22:06-0500\n" +"POT-Creation-Date: 2000-12-01 23:31-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -55,59 +55,59 @@ msgstr "" msgid "File to insert [from ./] " msgstr "" -#: files.c:284 files.c:309 files.c:517 nano.c:1413 +#: files.c:284 files.c:309 files.c:521 nano.c:1420 msgid "Cancelled" msgstr "" -#: files.c:339 files.c:360 files.c:374 files.c:391 files.c:397 +#: files.c:343 files.c:364 files.c:378 files.c:395 files.c:401 #, c-format msgid "Could not open file for writing: %s" msgstr "" -#: files.c:348 +#: files.c:352 msgid "Could not open file: Path length exceeded." msgstr "" -#: files.c:379 +#: files.c:383 #, c-format msgid "Wrote >%s\n" msgstr "" -#: files.c:406 +#: files.c:410 #, c-format msgid "Could not close %s: %s" msgstr "" #. Try a rename?? -#: files.c:427 files.c:438 files.c:443 +#: files.c:431 files.c:442 files.c:447 #, c-format msgid "Could not open %s for writing: %s" msgstr "" -#: files.c:449 +#: files.c:453 #, c-format msgid "Could not set permissions %o on %s: %s" msgstr "" -#: files.c:456 +#: files.c:460 #, c-format msgid "Wrote %d lines" msgstr "" -#: files.c:488 +#: files.c:492 msgid "File Name to write" msgstr "" -#: files.c:493 +#: files.c:497 #, c-format msgid "filename is %s" msgstr "" -#: files.c:506 +#: files.c:510 msgid "File exists, OVERWRITE ?" msgstr "" -#: files.c:995 +#: files.c:999 msgid "(more)" msgstr "" 
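Review bot: In nano.c `do_spell()`, the new status message reports the failure, but the path to it still relies on a file name picked before the file is opened. How `temp` is produced is outside this hunk; the nearby string "Could not create a temporary filename" suggests a name-only generator, and if so the `lstat()` check behind `write_file(temp, 1)` only detects a link that already exists at check time. Creating the file with `mkstemp()`, which picks the name and opens it in one step, would remove that dependency. `do_spell()` starts and ends outside the hunk.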
@@ -400,17 +400,22 @@ msgstr "" msgid "No Replace" msgstr "" -#: nano.c:135 +#: nano.c:138 +#, c-format msgid "" "\n" -"Buffer written to 'nano.save'\n" +"Buffer written to %s\n" +msgstr "" + +#: nano.c:140 +msgid "No .save file written (symlink encountered?)\n" msgstr "" -#: nano.c:142 +#: nano.c:147 msgid "Key illegal in VIEW mode" msgstr "" -#: nano.c:179 +#: nano.c:184 msgid "" " nano help text\n" "\n" 
@@ -431,316 +436,320 @@ msgid "" "\n" msgstr "" -#: nano.c:282 +#: nano.c:287 msgid "free_node(): free'd a node, YAY!\n" msgstr "" -#: nano.c:287 +#: nano.c:292 msgid "free_node(): free'd last node.\n" msgstr "" -#: nano.c:339 +#: nano.c:344 msgid "" "Usage: nano [GNU long option] [option] +LINE \n" "\n" msgstr "" -#: nano.c:340 +#: nano.c:345 msgid "Option\t\tLong option\t\tMeaning\n" msgstr "" -#: nano.c:342 +#: nano.c:347 msgid " -T \t\t--tabsize=[num]\t\tSet width of a tab to num\n" msgstr "" -#: nano.c:345 +#: nano.c:350 msgid " -R\t\t--regexp\t\tUse regular expressions for search\n" msgstr "" -#: nano.c:349 +#: nano.c:354 msgid " -V \t\t--version\t\tPrint version information and exit\n" msgstr "" -#: nano.c:351 +#: nano.c:356 msgid " -c \t\t--const\t\t\tConstantly show cursor position\n" msgstr "" -#: nano.c:353 +#: nano.c:358 msgid " -h \t\t--help\t\t\tShow this message\n" msgstr "" -#: nano.c:356 +#: nano.c:361 msgid " -k \t\t--cut\t\t\tLet ^K cut from cursor to end of line\n" msgstr "" -#: nano.c:359 +#: nano.c:364 msgid " -i \t\t--autoindent\t\tAutomatically indent new lines\n" msgstr "" -#: nano.c:361 +#: nano.c:366 msgid " -l \t\t--nofollow\t\tDon't follow symbolic links, overwrite\n" msgstr "" -#: nano.c:364 +#: nano.c:369 msgid " -m \t\t--mouse\t\t\tEnable mouse\n" msgstr "" -#: nano.c:369 +#: nano.c:374 msgid "" " -r [#cols] \t--fill=[#cols]\t\tSet fill cols to (wrap lines at) #cols\n" msgstr "" -#: nano.c:371 +#: nano.c:376 msgid " -p\t \t--pico\t\t\tEmulate Pico as closely as possible\n" msgstr "" -#: nano.c:373 +#: nano.c:378 msgid " -s [prog] \t--speller=[prog]\tEnable alternate speller\n" msgstr "" -#: nano.c:375 +#: nano.c:380 msgid " -t \t\t--tempfile\t\tAuto save on exit, don't prompt\n" msgstr "" -#: nano.c:377 +#: nano.c:382 msgid " -v \t\t--view\t\t\tView (read only) mode\n" msgstr "" -#: nano.c:379 +#: nano.c:384 msgid " -w \t\t--nowrap\t\tDon't wrap long lines\n" msgstr "" -#: nano.c:381 +#: nano.c:386 msgid " -x \t\t--nohelp\t\tDon't 
show help window\n" msgstr "" -#: nano.c:383 +#: nano.c:388 msgid " -z \t\t--suspend\t\tEnable suspend\n" msgstr "" -#: nano.c:385 +#: nano.c:390 msgid " +LINE\t\t\t\t\tStart at line number LINE\n" msgstr "" -#: nano.c:387 +#: nano.c:392 msgid "" "Usage: nano [option] +LINE \n" "\n" msgstr "" -#: nano.c:388 +#: nano.c:393 msgid "Option\t\tMeaning\n" msgstr "" -#: nano.c:389 +#: nano.c:394 msgid " -T [num]\tSet width of a tab to num\n" msgstr "" -#: nano.c:390 +#: nano.c:395 msgid " -R\t\tUse regular expressions for search\n" msgstr "" -#: nano.c:391 +#: nano.c:396 msgid " -V \t\tPrint version information and exit\n" msgstr "" -#: nano.c:392 +#: nano.c:397 msgid " -c \t\tConstantly show cursor position\n" msgstr "" -#: nano.c:393 +#: nano.c:398 msgid " -h \t\tShow this message\n" msgstr "" -#: nano.c:395 +#: nano.c:400 msgid " -k \t\tLet ^K cut from cursor to end of line\n" msgstr "" -#: nano.c:397 +#: nano.c:402 msgid " -i \t\tAutomatically indent new lines\n" msgstr "" -#: nano.c:399 +#: nano.c:404 msgid " -l \t\tDon't follow symbolic links, overwrite\n" msgstr "" -#: nano.c:402 +#: nano.c:407 msgid " -m \t\tEnable mouse\n" msgstr "" -#: nano.c:406 +#: nano.c:411 msgid " -r [#cols] \tSet fill cols to (wrap lines at) #cols\n" msgstr "" -#: nano.c:407 +#: nano.c:412 msgid " -s [prog] \tEnable alternate speller\n" msgstr "" -#: nano.c:408 +#: nano.c:413 msgid " -p \t\tEmulate Pico as closely as possible\n" msgstr "" -#: nano.c:409 +#: nano.c:414 msgid " -t \t\tAuto save on exit, don't prompt\n" msgstr "" -#: nano.c:410 +#: nano.c:415 msgid " -v \t\tView (read only) mode\n" msgstr "" -#: nano.c:411 +#: nano.c:416 msgid " -w \t\tDon't wrap long lines\n" msgstr "" -#: nano.c:412 +#: nano.c:417 msgid " -x \t\tDon't show help window\n" msgstr "" -#: nano.c:413 +#: nano.c:418 msgid " -z \t\tEnable suspend\n" msgstr "" -#: nano.c:414 +#: nano.c:419 msgid " +LINE\t\tStart at line number LINE\n" msgstr "" -#: nano.c:421 +#: nano.c:426 #, c-format msgid " nano version %s by 
Chris Allegretta (compiled %s, %s)\n" msgstr "" -#: nano.c:424 +#: nano.c:429 msgid " Email: nano@nano-editor.org\tWeb: http://www.nano-editor.org" msgstr "" -#: nano.c:425 +#: nano.c:430 msgid "" "\n" " Compiled options:" msgstr "" -#: nano.c:481 +#: nano.c:486 msgid "Mark Set" msgstr "" -#: nano.c:486 +#: nano.c:491 msgid "Mark UNset" msgstr "" -#: nano.c:934 +#: nano.c:939 #, c-format msgid "check_wrap called with inptr->data=\"%s\"\n" msgstr "" -#: nano.c:985 +#: nano.c:990 #, c-format msgid "current->data now = \"%s\"\n" msgstr "" -#: nano.c:1038 +#: nano.c:1043 #, c-format msgid "After, data = \"%s\"\n" msgstr "" -#: nano.c:1138 +#: nano.c:1143 msgid "Edit a replacement" msgstr "" -#: nano.c:1362 +#: nano.c:1367 #, c-format msgid "Could not create a temporary filename: %s" msgstr "" -#: nano.c:1378 +#: nano.c:1373 +msgid "Spell checking failed: unable to write temp file!" +msgstr "" + +#: nano.c:1385 msgid "Finished checking spelling" msgstr "" -#: nano.c:1380 +#: nano.c:1387 msgid "Spell checking failed" msgstr "" -#: nano.c:1400 +#: nano.c:1407 msgid "Save modified buffer (ANSWERING \"No\" WILL DESTROY CHANGES) ? " msgstr "" -#: nano.c:1496 +#: nano.c:1503 msgid "Received SIGHUP" msgstr "" -#: nano.c:1562 +#: nano.c:1569 msgid "Cannot resize top win" msgstr "" -#: nano.c:1564 +#: nano.c:1571 msgid "Cannot move top win" msgstr "" -#: nano.c:1566 +#: nano.c:1573 msgid "Cannot resize edit win" msgstr "" -#: nano.c:1568 +#: nano.c:1575 msgid "Cannot move edit win" msgstr "" -#: nano.c:1570 +#: nano.c:1577 msgid "Cannot resize bottom win" msgstr "" -#: nano.c:1572 +#: nano.c:1579 msgid "Cannot move bottom win" msgstr "" -#: nano.c:1860 +#: nano.c:1867 msgid "Can now UnJustify!" 
msgstr "" -#: nano.c:1955 +#: nano.c:1962 #, c-format msgid "%s enable/disable" msgstr "" -#: nano.c:1967 +#: nano.c:1974 msgid "enabled" msgstr "" -#: nano.c:1968 +#: nano.c:1975 msgid "disabled" msgstr "" -#: nano.c:2198 +#: nano.c:2205 msgid "Main: set up windows\n" msgstr "" -#: nano.c:2211 +#: nano.c:2218 msgid "Main: bottom win\n" msgstr "" -#: nano.c:2217 +#: nano.c:2224 msgid "Main: open file\n" msgstr "" -#: nano.c:2254 +#: nano.c:2261 #, c-format msgid "I got Alt-O-%c! (%d)\n" msgstr "" -#: nano.c:2276 +#: nano.c:2283 #, c-format msgid "I got Alt-[-1-%c! (%d)\n" msgstr "" -#: nano.c:2309 +#: nano.c:2316 #, c-format msgid "I got Alt-[-2-%c! (%d)\n" msgstr "" -#: nano.c:2357 +#: nano.c:2364 #, c-format msgid "I got Alt-[-%c! (%d)\n" msgstr "" -#: nano.c:2383 +#: nano.c:2390 #, c-format msgid "I got Alt-%c! (%d)\n" msgstr ""